last executing test programs: 5.731856994s ago: executing program 0 (id=1351): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$unix(0x1, 0x1, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x7) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000)=0x2, 0x4) connect$unix(r0, &(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) bpf$PROG_LOAD(0x5, 0x0, 0x0) timer_create(0x3, 0x0, 0x0) timer_settime(0x0, 0x1, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x40042) ioctl$EVIOCGBITSND(r1, 0x40044591, 0x0) writev(r1, &(0x7f0000000200)=[{&(0x7f0000000300)="7ab65e9444748081bbaad0ba2b495b63613b564a4e543405b3430ffd4b32cde749f000e59f091aa1bb5dfd40f6f0c98a8e3b1e550567b4210a3001ffecbe397d3f", 0x41}], 0x1) r2 = socket(0x2a, 0x2, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r3, &(0x7f0000000240)="f2435f0100088000000000850800", 0xe, 0x0, &(0x7f0000000200)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000180)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3a}}, 0x7, 0x0, 0xff, 0x1}, 0x20) ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) 5.588170469s ago: executing program 0 (id=1352): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) ioctl$TUNSETDEBUG(r0, 0x400454c9, &(0x7f0000000140)=0x6) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r2, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x8100, 0x0, 0x1, 0xd8, 0x6, @multicast}, 0x14) 5.451748523s ago: executing program 0 (id=1353): socket$inet6(0xa, 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r3, @ANYBLOB="00000000000000005c001280110001006272696467655f736c617665000000004400058005000500000000000500", @ANYRES32=r1], 0x7c}}, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0) 5.401669585s ago: executing program 0 (id=1354): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0009030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r1, &(0x7f0000000000)=""/172, 0xac) syz_usb_disconnect(0xffffffffffffffff) syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[], 0x0) syz_usb_disconnect(0xffffffffffffffff) syz_usb_disconnect(r0) 2.081527856s ago: executing program 2 (id=1378): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xb, 0x8, 0x1, 0x7f, 0x1, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x41}, @jmp={0x5, 0x0, 0x9}], &(0x7f0000000280)='GPL\x00'}, 0x94) 2.022012119s ago: executing program 2 (id=1379): r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb) connect(r0, &(0x7f0000000100)=@in={0x2, 0x4e23, @remote}, 0x80) 2.0218752s ago: executing program 2 (id=1380): socket$inet6_sctp(0xa, 0x1, 0x84) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000280)='sched_switch\x00', r1, 0x0, 0x6c}, 0x18) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x14) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000180)=0xe) ioctl$TIOCVHANGUP(r5, 0x5437, 0x0) 1.840879046s ago: executing program 2 (id=1381): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) eventfd(0x8c69) syz_clone3(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000380)="2190", 0x2}], 0x1}, 0x1) recvmsg$unix(r2, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x2) 1.711162965s ago: executing program 3 (id=1383): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2}}, 0x2}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1a56, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) sendto$inet6(r0, &(0x7f0000000500)="cbfa3cce8345453fc934bf96ed9b6a51ec6d631f853c524c43ccd12f9489e464665f484cbe550b47612a9fc1d284ae713ff67a8bea02", 0x36, 0x0, &(0x7f0000000380)={0xa, 0x4e21, 0x1, @loopback, 0xffffffff}, 0x1c) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000400)=0x10, 0x4) syz_genetlink_get_family_id$tipc(&(0x7f0000000100), r1) syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), r1) 1.011967888s ago: executing program 0 (id=1385): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x9, 0x1100, 0x40, 0x0, 0x6, 0x0, 0x0, 0x0, 0x40}}, 0x50) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x20c01, 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r3, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0xfff0, 0x20000000, 0x4, 0x1, 0x0, r2, &(0x7f0000000780)='!', 0x1, 0xf}]) syz_fuse_handle_req(r0, &(0x7f00000041c0)="0a44566bd8cd7422e078875d6a98d0a2dcc0a0c7881e44e46c6bf84253a3ba4cba8183c2236313cd49babfb721c547a5caed646bac2f2ea43e134e2a05d84cd813c9e2a96e68352f95c458f6ba48078f1d10fce44d869b4a00c68ca338ff3b877cb434f502cedfe83cbfb33d5233d081ec8ee2ac10e08194f6257183be922fc7203071a2aaf87478d1420237a1516e749623929f0d60f15e536376ba41fbbce034588b60680572f0d1d76ed122dc46252cc143f0e665e3f4e3f56bc454957265bd9a029cf8c7397ca01f95bc0e6601673bb31804c34307725385260df48c32527d74e51e5f26728aaedf9f379f5960f5e6e7146eff3254aaf54eb42834e1f57595a2b0333f5ca1474e07c2447c33dbe8f62f24cd788ac18475493edb813450e917837b125ad6f850e6af93e16828a6741c6ac00a4e25cfcd498f1b857e74a4eb8dce5ffcb3999031f1da13e9e6a973134ec04795a3fe91388fb6b349e668f49bd4c4ffa71a8662916219b4a2075bbfe4892cd1080f662005c1c2030d35999c9637f4836ae5745acae8ff0d745184e58241510d780f8a9aeeccb17b9213527a1b747dd23df6b4ac2ca4bd07fb7de6bb4bf8811e5c2f99f4bbcb3cba79fc483182bb981815a1b1ba5afad464631e6eb940a5da4e73787e9e0103bc7ea59cc8d63f740131a14c3cd034e91e885bd730521ba80c1071f25e0073a44bf8e36cc23a5f433378a13d2e2be7fbb8ca204976651924ae8637b339e883f4d388e239424031e20616341a5d51cd5d574382d518e4824dcdadba86143b4de3ff8126f0be226d1e6526a2af981d11092c428bc699ea208d4d38d63ef525b8da551207397fdb7d57a52c2062182072b017141de1b70bd15c758c88c65f6acffd5b5b0846c2a779660ceef46b22336abf817a24d27c3f66839b5f2f99131898dd372a124d9e5df84b24fa7be045b92fb225a735da1be1972c706120c391ffadf231603ffbb86d38ff2c76202a0f81317a7f790dadcdca1d109e4428f52246b17f6b5822f64d36da71167df86cedf76f4405f320f70a3d6d6307a13e023d9a23985fd9c95793118674346d7977654ed14a121c1bc0b3e8672087245e0721230edc667c1fb6bcdb22b3264b7fffedb589a2899096493ba97ce5fb0ad97821d0a4528465380e086b61f632eb0ce1f89eea2d8336217f51b4085433d426d404431360be55776cbb0f80c33e807732df3d73bf9d9a8e3b1468d2ac7c73a4aa239c96bbeef3965132a02254d887e65fbeaf517e913cc331ed36c3e326163d1a3aef7df9db06f8997668cc35e39813c82a440a73f12011bcc0b2abb993b99e79727d49e6656e8d9ecfb7b65c2c187ca6262361c6a7d3679aba9df764d13485874b1443f47d8caea64963011294082a9d50ed2fb08cdfaaa7dbcf782b7e8f8d8206dbc421bf9807727126b1ea364498f3ae693fe19f5b56af13df090892919c136c201a0d058c1863f136a3ff389cc510c17b1de341ca9a8d6ffd80fd019ac3fd9eeeb845202f2c5f207b1e7e169d57164855b9c3dbdf3c696124136d07a4de6be16b43352567a3e3bab0f73ccdd41255ffeb3ecb2bdf9eedd1d4332f4a7534b01b6331474880d4d07b464bd8c3b18d02fbf1faeeff70c8ae35b4eef002930dfa9a0c9350ffb72c82535a55280ac9c6d5384cf9aa3c66cc918497f51a6dbad608eee21f6085f85990983d0a51e5b41cb69ae52d60fa835045aaa0132be8b4dfdb10f521bc22b0192a4133040453c5a0a8bbb5d4c46ea25f2be5b0e79d71c4a13db6e9cb66db9f2c4804d41b9c26f96fd23c358ee9c8f57322540953224b56072af25b5c7041de560f1d4bde367eb3bbac949d9a9a86123ae62d0f4741446192e85772fb893b64c0e7c44a6e967af906b0f50e32be384027379c8dde251f549f94b16cee199da537d07ae89848da801b43bab3b65651402756cb22d17e602cdc33790ec8a5484a955bc8f487597ac9752166a405bbd7dfc9107af72b46e39d29afd2a0447e53377fd11997ab21db0f740699843a168720377e365caf88fd319dca184cadb8ffb4d288a0045b349be5ecb64561a2bdfa13336ef96aea86c48a5e405330a01c5390d482e6ccf4ebb2cf149d8b6274b2f9e6e1066004172a1a90e0db9838afafcb663bd693b2e5ca35858dcb82c05cbc87ec5cedfbb08daf55c472e250861bf357569342d90a667f3ac7fc2d4e54220444a97810ac14b0af6b043a07c1d791182635b983492f21db4a6ffee2d686238869e50b9bb73d75ec26087c0c8cb92ff25740b3995e4d771469b8474efef04d8d75f3544aaf84f02ad977948764d4c1bce36aa4198d6f22091b263d9eae96f1096fe3d8045949f189f33ec713101fea26ea043fe98b987542e33ab372058c64205e90a0e1f52d04b2c5ba7a5572ddb95f7d2b04f22e2e987c5d0f879db65718d8979da2a45cd333a5aacf96081977a9eb3dcee4afb44443ad37528c5a314d1ea08d1c3f0a36d4bdf77fc0caaeaa1eb2746a26683561b62d22f4e166192892e2ec1597f8bf6e89cd53840c8d7baea220e1b5e17df52a05017363727b0cc77ee61577a79b3de2ed364f3419a30d23701044b45ed3ba44b01804750bacf5bc959cffba86619f3331cc939fecadb5cba1edfe28952e0f70d2d99ce696dab9411aa2f7e7ca6207a3b16fc36a70e339aa5a618f6bcb0272968eba6edd95242825fe6e47cf1d50d229d4b1676aad0e9410aa1f2d6d2fcb9c4ec8e06c83faefbc2143de2367123bdb7669bd959782cf64def3a601c596611ac98d76df33e1fe340829340ba0a582d014ffacf9a9394300ab7efd60222cf96a99e42dae6e1ff1fcad1e3280ca07de5ea7e08b264a60015ffb76cc72d70ded58a1e2f59906f3c76433e4353a94a2a49f91103e2b5491ac7f66d54ae2a0e82099c4c9bd683971c2d3dd51601bf5e94f7660158bc6fdc1b2ce3d689a3aa64c29810ad7d9e91e49b72e6f97230a2a966434bf5cdb339556e6452e6b446766f55df45219fc02192cb73076285e74eb848229bffd812f6058782b3f5d0efa4d7b0d3c120931aa8b679e318ecc5ea539e3dcaf87473e2573189ce500b616957d88a09a014baffbd66990e41a3432891279cb82d9c4b50675ff067b76503535631aab9a29ee7e274eded1cd542c801bf519e1119fbab84f57c7686209c9e5177545bf0f403609c81fe6d8f2979d886c43fa3053b38b6e21ec3632011c97451d8409f169f71d226e61fdd206ec5f962b0277eee286a694ba5381493941ed44b3659994d3cd2a8c9c3bdb2f63d77eaee180428d7d6df86f6738cf7adb4b863c9ee9da9904bba4c2c3188a1ce31c5b082857e5566055c8cf58a9e9f7624d220b8d3093cbc6eaed7fcf15fc700ed711575aff5fb5cb7e206c810ea7a766d2960a1356687aad2ec171e4a1db6540a9257385a1e8b9f029485866c32e74c1a19e1113040c9d215f9f4bb4311f0d587b9cb6d11cdf28d4cbcdde4ee7831e5c8608335a1e41883b55b3609b9c4fb8489619481dffc6224e4c98b1e89831187b28b6bcebe7f78c779f5a2896e47bef8e607811b435c517e8e3f19d74752d7ae99cb7caf69c0f977f1b94f8f11bdbf35444fabaac2fc0e568d3b5b3b9f13162b1fa92615bc16492b870fc85c79c51b6516276f8e559e769a8d37a2335d67edbdbe2d4ded10e79ad26629ba6de862acb27fa7d0607a5c83840e446ca0d231ae9175ae9cddf35443ef8434a61d54b704d2b46835ca030d4325dd62918d361c27bd6e422f3f8431ff979953c88a5f3d07a84b733b2fffda5dedbc2ba876ea653aaa2a8446019d2cb69c4c7023177af7b5de358c4a93ba969415c7e3bd3e10a17653cc4c0031dc779d47bedc8d0f77b9fb39484e47d1edfa16a4839d7e3c1f4147bf7a5a41395980d0234577d433c4f3663a648865cf5cfc4a713bfde809cae8161f044770d8f3dd65f183392ed73dd0512951dce40dd6f68927144d09a6df1225769a47a2f1dc7da5a0e5651dc0198c2feb7de7aae5675a3753272294cdc8f05b4bf1b478d6e2a18f6a9dfdc42421bae7072786a4122cb3fcc61b2d0bc9314b92be8be3f9b8b109631305e06b52c0bf621d577f014d0572327c49fd705b45794aa8f198b37c139c4a8008763c654af912552549203733ad09c667104a3c1756dacc50af3d19bd996a99a7f857d9ff8c337c6feb16cb7fe282cbf8c975bdb60a7ddaa056352d9cf752f2b49fd0ae9dd7a263c4e1c1a027c7d45529b5a49de9f2306862b8ef8d386594f9909aabc849c5955241d192ab57d52fd2c7db0e4066bc3f70445599a60016de606b30a92b1bcbcd9dc8cfb492a6e66aa2be612e1d5f7fc61989d51285f1ef8a4e724a46c36bdaa6bed82ec972fe3e929a7a708397432b13e266d9a66954e011a158c9bc031587f9315382dfcc2334100d99b7d50b87096970d294261dd3263bee8f5aac2d86f070d70e278ecca4cf6ff05e511c0a65d6da81b68d94cd635e9dc98c1259fa2060de60d05117090a9a36d7b7aab999cd28a6c0727336312ede8f7fe0118e22aeb4094a64311fa766412d68ee04a93a1b9e2da91afcc91a1fc3c216f0aed6da74baed3242e620482ae01d3055562d16cab58500a5f41145d2275f6da8e24003cae19a7bdb9de8ef57965341253901962d846fcfd687e32fc81e716c42fae279382c8a750c9ef9543c942ca644287ec9cc921f99e9c901810a342e198f3b60a5c75aa91e67c1a6f08008841ddbe0766604b38a211929682303ce61e8024ea4589aa955886adc98f365af515daf30c376eb2b96fd78d46bc3999935a336c89f02ebe822bb5db6a1fd145c4d403b88f17b3fac670b2eb1296b3a5a7055556c21259695c248696162fc179aa1b4ec10e022ea7bacd0255937f9aa89f4d4c58bdedb54b43fde47268552f51b949a9cfbdabf6e3172853e6de9d0b0d9643349595769e98dab85282c49ce8c52301c04710a2c43cf63decaf65243d4756015b681bb680fdd1aba59d63b54e2ebedc68df32e575a95adfb2b18a79688b23ffb498d03012250f0dfaaed5353025aea7a35c8a89873b5f73adb41cc864b9f86e14624d70c917f05e47bab793958de9957cf23c94a9807b30bd7574edf66250224b887a8c02baa05cc02abd4c008339129b3109f1b04da29a9edf472991a440fcc8e586bef32b8c95fcd3d6702b9f43bf41454d5fe72a1f1ac80604c93dc9e9abf9a824c6d45e65b4f39f8341799dce4eac5e9036450ba7829221fdac7ec394c0a8e9813f5aad3ad0052f5156b3dca979e9c9a8755d4be2502727d346889210a13e5391951afef1880bcbd2a9ea020c9b2946563cd40c40f6202bce9bd1d2a1bbc3e5e6b2a9d2220343fd1ff5cde1b4d27c0601b8890b6ad8d3d80075a23725bddd81c15cd1b63e0123c4ac01de7b62b1e0fe2b72eaf400a1bcc63f76316d471eb191c931d5350e83a110b89e77668cfdc47734b91c2268fbbd89ce15b50b84c423a1f27943c32739e99b046a665c966275dba2dd6449b69ec53e5cb9cde89afe4149589c7378f5f3648d748bf3d46fa53f50d1228714252a328cebe7146d81dbb2f850aad492bc0697e2760dc9c60bc76a010e85110c0076478a21b47e5fbc4f7397a319e1db642e305bb1330674d96eb4b421f0f2131d125d4cec8aef4637dce572bad633e076972c9147a48b4c67135ace6a4490e16fa4731d62864e910762f1eb58afa63031c78c375a90147ceef07cd1e8155a649f2558d67dba9d6d2e012a3af4b603cd094e4a3b2e30c65c80cf8d9b2cb840e9df91e70162b80e74be96467574ca0ac5ad52238163283c556f0865c2338d6dcc73fa330634f6e5ce68e766df2db5b7edce0d98203e1d4374e7eda3558667229ea2daeb74156cf5895c4afb460cb4037456b14d9b748ddf7b8f3d5accd3e0d8d2eca2a78056d945eb4383078cc09a3a77736ce4e91f8174fe03fdceef8df92a50c2797b0cd06c6f1ae95650e48d103fb269c0a004d62237b77257807c8954678476030d788543d84770a1533a72141c7ea919e533bc182a3306782233d1a20153fa3e9e315a856e75f760bb7f943ea2f5956243f75fdb241ddfb4c081219ebb4eb3c3e989e3d953a93d96dafe1142c29434a554a92d319747e618cbd3af5202e51d30761e81b6c2d6febf221e3147b63171ea5dbaab4cba1b0fe7dc9cb249d74bbbcd7ef11c35fade1132ee4b74dc6090cfb6f852fb01d79aa0e5ee6897b7c021c6a1e69995e0546932c56e65b2581d619fc59f9775f3e8573b3c4926b8f6a9041512788d11a6fb279941ce24fea916e6568db25f1fcd3fd1e907fb3c45ddbca37230f5b3ffd48cf9c2269ec068d0bc528aac14807636c9067c5e32f2c2f259f6502ffffdbea40ad1b6b4a1d819fccc5c77da908204781747ecb0f2245dfa2941a9dba5d11ad186ab0eb87173dda634bd5a9221143e244c793d6262c904a64ba36cdced65abdd3be06d534b649b03791f7ce41e9abdea4d2c17f14bfbee0455dfa791f241341c78ce24cb8b86a9e332787d4ac1bdc20d022ae9588e8d63c22925d5e507bf41faddc17e01d3354c597908124705d88131b2e8ce8d04d660ce4100b5288d750d996e069bca1fe21f9b84c97011dd14c95c3cd538bf619b1df241fcf286c7014f8467a7ee81b2bef1c3bc56573894dbb54efb6a2fff0302b26c7589e08993e755059ba8b94fe728f1fdcb8ab10a5133d0434973e6667c25288b6e5e2d75202aec6bc0255177a53ea7c666afa79dca738a9d20990f118075b9f1cfb8ff1e5be75b49635bcbf43cb3bf97719dae8ec5c5528fcf89a9dda8fe6c08f7f737d69ef181ad3e35cf8e46efd94358b4640de1c387e295ae38edd0d5b80287f022895ca4dd9532bece6b2bbe100a83fef98dc5af595f4f7e4747ff5d28ab372db71b7c1c423183fa8ba4d823cc05b7be8819dd669b6517bd753e83f4d407a72dcbfcd0e9b2d5daef7fa88c1618236375a50ad2baa6a5e0551e679dce352181a1f9e72f5fca8c323b945bdd92e2d424b3e75041734d099f778fcb1e6407c80e7724d52ab110b02c0c9d1d4b78df12fc443fd8dc8fe82d9f3c8da7b87fdfb11e912c97a4e61425ac7b3954cb2e7e46ed0e24cc0c961dd5c2fc619a9e5e3550ca7bc21f2adc1a85c5b9dade357f1ecfd72646b27e7ab59b1b4d63c63082907b3be4cda341c49ade8992af489d11cf285b81a34c5614284ab4bb94018009e2333aa8e4630a9f6792b44b62d9c6e9d1855ffecab30c611cf5dc1e6ec09088b83a4c2cda9e5ee080df0b5e36b9badc035d6991bfd82fbb408faac15ced6ddcc917a9249b767f8844d6458411c1a31ff84e272311ea968ed3ff02f2e0caa47b1a6e030b07984c07d71e740420a9ed47b26799feecbba4f26dcdb61c9422e940550bfafa99ef0f826d2bcb1d7862016abe81d021be29adabe2c399fb9aa2f3ac472012b26ccd4eea2957343b06ac8ad71a637b8fa209ab6d4351fae53a9af0e920c043df94eccd5c1a847cb17d13589021f1a621b457fbe02a16f0f4b9dee0e7eb9358b8afd999d47f5143d49d4aef227f5b06ecef1ed71207e3526ff82b6ec69d3e8788f6c476437fe96f0533394027cf48e3e146aed7943d872bc35de34f7fdba13e5e1c259a68aa8050a813aa734f202ad7faba9f64b16f5068b43bdfb726e5fa54a1675dcab0697fc47a4fa3dd472022cc0d317d39076ad9847e72e1965b227f3e49ad6e8e742305bdd05d0c88b5859d6cfc98cc47a566269dbc4c200615f3e995511a69d8e724f0c842c06c46b5460dca83137656aae785e8415cfb57d57265af9c1d8f126081bcb218a427b80ccfaa95b8bd3f87f58f09ac52a2a47bbff99b057576d26876fa758c8e41172dd2bd45742a30d55f1b65bafc0c7c9c785f583069caf6de080c9057238e110456c0f9e8d898918b6981011f8dd17c55caced49eed32839305ec37b45e8cc4c35aec0c8a4cac54035a941842e5d19fd298757799c4a501718bf21a024106a292626d4eb3c784119b9f5003c6cdb36e442c04ca5b0ea59efb63fe90f9e218fdd9f0864f407cf8edbe71f3fb1d3a587ccfadbf7a5acbb0713b1ca1991e25e75738ca68e1817d08fdbacfab6900242b91ed9541efd2ca469bf7acc7857185d47506fd0a735d7b542949241976cfb1252f2e490fcdef3166f993ff9a812d0af902001a4f239989c087b41de65f83af93e349a2d37ad3b59c5009465e14030ecdfc8fec2d27939af2311bc5d544b19220b12a5782deb83f0e193f57cc4631d8746e7d0736e1295128f3a48aeacf2952be3005b09de00c9a4565e07692d8355a947d072de4324f2e8f3b2f01483d31999826b4ac7bad4f6ae099225f751995f463e5f762b9671ebb79fdfc51b5080af6fae4837a4e00a76b775eaa6f1fa1479b6afe5d66ac5fd148fdc4750d6ae1e268da446ba08dc4d7c872bd6401f1dd6b226e91bcf77c085e3c115f49d05a29c4e282caa7b8a60a1fe09a2e98227a2cbaa838d6053cb56bc7cc84e6ffa81c18ee26c1b32c2ce205c8fee3b2f4fa8d983b4901c80d766a3299fd62e3339a697305ab7cda995b3cce61e3372f152841ec1d540c9f6cfe2871e7cf4e6997afac85b1c05bed03a5e017bce4b45b0903e9c60cf3538df7df9d8fa93b53856fe93f522f723470c553799c90c56fb705040ba78141f7e5e9117f4876c45884edd5059c8588fc39f9c6268038c4a462a4a5fbbecac0daaf54876ac0217a9ab6f83ec52f15a170005e57baead0e8b1570508e10d2c9808ff3a437436d93ffd02c72c703e2e1917c0c82c3a4b4c03cb91c961451e3f6e2d9d9e58ac1810831d7618f81a34c23cc14029326f16cd043e82ea3bea5c6bcb84152d140659d1a4f135cee82640f96e177c030907117a6c6a8049fd3815fa06249ba4b37c2381c0eca124e7f5abd393c6d175ccf0c5fd4a6e9e00d5338899ed03b5a5023dbe4c6ae1f1ffc192411049e6fa34adeefa3b2e6b45165f341e0b853561ea0d183d93100efe80237ab878312281d607ac8dc10f34e6840a6b6d5c2975348a15761326504c24d5ec648f5714254087bd8c53fe131461ca4cea09ab52848b2526edb91a2bf6c0287aeaac51eb720507d66522ff2f94d90ec584f6088910ee079538e43cf8db55e2f0d70a60eac90eafd82480d11ea5dd795a05a698c2961eedad5f8a79dc3ffa92129f76b8d795e24a1905fc82f11c40d68d11af282621b9a2e39a8dd146013bd3a044f55366af078f7c15adc548029ba4ed896ddb646d74e3af69d8597831e08eb4df1b7ed54b8f3b327753ebf47d50a215c461cd422483c8f2d54f010fa9b76e5afef86b1bb8aa6d4b0c5c9ee798791379ed4dea481feb37ea18b5c7c0146aed32772245cc39628ecc13e03b76c302f80ebcb50279fa2ff74139468a23f36881ee7e7119d8040f90c7e3d8f75d80624d17d881e363b4913eb02e73224c7dac1077d19cc9063f8831053eaa9ecf87ffc31140f6a0a47869e5a5660e5d53b404c34e17b4693df9d5418131c8aaabb0e15aee98594c57cfb2202f209a4529a293b37ef68a2e95fb8fe5142e974f1d3fe3a08ed169379387e96ab5d927771ca7157e9bbd2650992680105dcd6a75829e0643b5ad708e5c65ea4b04b3eeedc24bcac8152cb887f32436a11efab6dc2509fa42d3d31e8aac73e9e8e84a88d7096b9549bc4a879d8f824eb63809a253409294f359b76ac3f031e6bf74a4de018f1c666239bae7bb01c523f53efc922232415d68264872296967dd150af095a12717e7eaeeb98f48c84a70fce8063790f9c2f43db477175e1c8da911ce853042d84e7f24df59e8caca5ee93e2daa6aa18e92930b4495dc22ff6729964942d1baaccd07233dcab828c2254f719132271e9239390e2ebb74ddde7284ebb8955719f7d086cdbe7eef6d7298576fac821eae5a8b6ddf9d88a1dcb32121b6d3ce49c245dd675e8a3b2254a9998ec0d0d7d9570bf6b6db0392c5b060872e154841096351d880f71bc00e5a576b14c26f85840c93a0c424cdbbc57b1d1212e300a874921c1f9c0de14a8cf61f8ebd03eee5cc79f34a41235b6c72aebf48243250c6dae8547b6634374e0bd073f7c162d4226a26032bc154eba7964b2975a8d35f17560a5312cf124741c74774f9a30f8d5ddc891e78bafdaf4f86d16d4c1363d23708463ab1314e3bade23316c7fbf51d2a2417da5162f9112c4331eab695d457e3712bb5f880c68367dba95b61f6f6a9297e477eaec615dff2cd3222f21d90abd8bd4b12fabb278c9fd44ce1ed024ccf908cb4995a1d9da53f62532203d7079e20a46b2b069be4b13a52a81c3b5227f57d6c184945a1799e80dbc7cd137e3427df352c0c0fba04f3b7fb02aa36c9af4611ebb51333326f8f750d662a0a8b43e30acaaeaf2653431b57e95a77adf8261298f791d200c02bdf4b821f7d09f972dd165ce92109c8dce081bd0bd53f598200bb3c5d875bbf1be2a7dc68355e42c515c20f2d72cef3d680a42e8a705f17c6ce15f47b144e55a3e566cb73ba5ee18c5a1535e5f4b4c1774736ed1654bc024b6c748b48d9cea48a06a571d264fc876f9afb2bb43441b39bb3f9e844f70dabd4d0ea06a46c1361a60ef5914411397600e63ecaa65f6598b4ce6f3a967c93ef0697e268b70d0637709ea3fef1da8afed0d2ffd36503197efcf68e0a2cb10b4104b209c133fdbe11e07a8d5c511045d19b69c63818e55168de4357a99eed1d8410664efdc866451de9bf6794d9742e2182449e2ae3869a01f1ed7ee37ffe817a38c502b8243a1c05f1ccbd349c7b9864cbf45b5a3c6f395e4a6602a02bb80ccac94ab66d67dfd8e5cc6fa6321e930354a2c40a1e8d360752dbdcf00134d34a21b24b9acfa2cd37f3c191461f4c9d8243176f42a8109bb05c37ee715ceb027861cf71268f283035d71ce4bae4ac5f79ee5211475ddfc33f02dcd91276e5ca265e5b9104222fdff5969f434a4412ba9fe00aec27f559b63c25a9e8d53c063db549035ec2c8e91e1a6247045541a7e28ff6c13e9f29a3683e55731d80d714b9d5801cfbf617aeb6651290293ac0f4e246df99e72434772b7d8494485537b7b2063c7bc5e80eb6c7ab6647d01189cc910aae2fe8249a0fc3226caa8994b476c6777bf113d153c43da337a6304fd10582d58919596a6de42ad500b62c1e6550d8cdc059496073a48110b2fccb42c96e3e3640f1a87fe379779adcd8836aa8dc545db39bb3afc032c16977e150e9572c3e5f8e04bc15497ec8217a0e187ba097fa95a855af66d47a105bdc3c837091daf5fbeb3ee5ce10b132f912b89ea1c6b9ecb8fbee0e4ea4e43b835ae583b67aab430dec741ea03195fed3cc164472d4b571d166ae20e0a309a80ce00b0fb349f7641f41a31993a8bd9ee092aa7ef16c9563e4db6236c9e702710dc95b198f533b1140441a1827aa4bef6a01c689127eb7028d1bb083edc8a08b8d239389d99948f1290623ba908e6e1c606035b70ba7065f8011451151dca715fb920b4d87858f01c5484df0e63656", 0x2000, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f000000a3c0)="f1737118458723aa6fad9674b336ce0f0e4f9a590af9cbc892ffaeebd2c1911812584b169f9691cb3843c1544afa9da08dc0efe3e6714bb529f3285f9633156f21460f0b19504f21e4202650e68b3cd97a3824ce159744f16e07623a38f6077b995bb70ca4e6ee313fbd9937f0a8cd1043a853b5ec18a6add5500124870643635a47134d5f346d2ce498528b289030d689ee4f1933955547d7a1a02c16d1323328f83c6e39efa19b3a4e8e2acb7d446ec70955b9c122a881df65114e309ed9605225a19a07f6df3a52599aa974975a7598fd5d8977a4083422a83d795e95efd11e78201892c1a667576f54faa2b090f363c5c6c58d64e62332e935aeeebdf0a580617d12f4dd957d13d21eafc3987ae43c0bdb0571c290227757115432768af7581cfa8bd90a2f0c85aa43e6e7496a6a1d16636eb153961195e194707bfcced6b31cda93d1d82824bdcba11ce636211e6a2d8fd8b49abcf68e35d4b5b2be9e08570d89896359bbe3fd3fd8df8d37d6f34009635b6f14922e0e13938f591e5dfd3ee64a13d1010109afaba564256699f40d4af9acb29f57cafe956852787e5b1dc0c6dc61314cb51346926eb41a252a2a44066fb7c38772c55f0caff0da346821b1efe13669272b084972ca5eaa678896bbbd2194429e310ce954cf3de048ecf8843b82acb61bf7d1760cda8f0f8d781f207c0b81c655b52c41e8b2070a7ef45a8e1ac0070709f837b2b78ecb7c50332f1ed5c1f9a369548629b0f10457a7ea478168fed1f0c261921e19ac478eb8e9f703fb6096925b3bfa6d3d60bf712220ea5f5a6e9c33ecf653f40849eb4610ed32c7d3ee443aaa6aed33dc590d8133e71391dc45d560d7442ba325aa88eb81cdad58f16794832f214de3ac2aaba11e4fe94b8c2002f101e0ca72cf67de89f6beeabe2eca30841cb62bfcd70b3c973bd6bb3b1d5612fd02c03bea24e54edeb558d656e494f2f9753e241ba8cca7ab22a0c386fb13139db2b8b182f9449f98a745abca05a5ce4f0fd500584a975264eecae3decf0b81c9b0cb16a53be0f7cd101e75e6d355b6410c62ce731739f06141c1a0185dea457167f1f07acf137d854eedbb63e3d4812aaf8bd89dc405be6a55b08555bf6fc8f082a3a6dfc359669bb11c8245def27675f9f7843b5b930bdc7e8a086f2313f35739c29369c1380370021583af2620fc001a0f283d2ab738a936b56d9444e5e321d0277ec0528c1ca6fc17241f6de1b797f0f9bc83b47addff767926ca527d409eb23ba7f8269212f40b886d00affad255871275ac0640e2db57cd710798c29b09ac4074f69df4f172b95941e8caf60aacb9f84f71bfd9980c7dbdb0e3e06ef74bb4593b63f38859de8215e1cdea56832830e1c6c416889dbdf5a58492151876cf501884abfdafbdb8fde2d82dd77cbd20207ac9ab0d8e5976292ede3bc3358703f720a960e1cc53158b6c05a68815aecce32d51fc2abfedb2ed709eaa45193da955b7d44b6722af26f3ec6c437653b267218f8cfbaf013aae88a9a0bec88aa9916cca6e9115eaa299549eaa847ba5d9490c65037c1cc94281645ca39d6f2d2706f952c1e0cbf53389dc66d442553e894c7656512eb157e3c39144988c1e3ed27af98318d630fc0896e96d7d212ae80f9bdaaca8e558e6033414f5e8c86e4b2ebe4cdb077ef6f286f3c98a9545f5dcfd46739a745150ab762459cceb1d2e9f56e2f1e59c741c47c519da2a15a14b75f1266d023ce78e9e29782e6b616deeec488408fa53962bf412937bdf63b25c469c92867b145cb73a46f88fb81df683e979bfe15b65ed905b6c0eceff85c3d0b52efd411b3b512d897775b64ff301ba9cb2618595af4a40c95795f8993aa34f13684d7e56101fe2b9869df1d6ca3c4ef81c62323734c8dba6cf4bccfd9074147ecbb5f43b3e85cb064ce45af5b6086fc016413afce0d38f9a4e916e1fc08772f158d791d1ef86e58a60893962bb93b21e2e0cf01c35158718f395df1489767e94b4cb717dbe73693cd98620f1dda1351e40495e6d166a1d5b56054a97a40ee86b4b48cd751831352e9bbda8361eda2bd9fecd6df15ac7dd6c51723c7eeb58ffe63746dcae6851eef9473b9200f4681f8b14a36215fb6279a19335009c6b1068c042d0977ea75ad60ed06961ede6fc74f84f49d3fb72b251a8acff52d0a1e8ec8e9632b831cd24c62867eacb7ee36532c801e3567d7f2fda8768f98b981ddd583dc4e3424c59c6d2de874d3a7c2b4fbcc6e3b96503020ecea0728480ca04a2b90b183ddcfbe34156341df97aab3953aa9b81c3d69d9b20511e1cd850609b3f1d1e8dfa6e8bf90a927d4d3b010dca06a1b09aad8f661c56a895b15375a6a532e76486509b7c17e516c2c67b3f80d3510127252096df0fd45e0cd62d24cb7658460f674dae61e932335fddba62ee35143c1071459a8f55e42768b777237d797418b5267423bf1f0c1fc130e2b7d40a0997d26030c9f485994df68f30a910221f502f26ee500bfa54487dd6a82ae964da5b967e8eab9ffc9d4d5d0199f4f633dcd9713ec2e4484cc25dc7cd06cc3eeecf874270871854a5e96c8b424214e1202edb23ef6fe692640ece04ff9665ec050bcaa0c1ccdd96e285bae472032d9e2f889559596a357a5fb9481599013d9dc0888c33cbfa9941e9739cc342ecf9ff6f0a08d898c2df11eec9a9c994d227436156dbd07f128f1ed53ad4ea1245d43cb1191a0afd18049f86ff0f2f33a22a40e3f32a04c7b888d044f38be60e9379cff5e7cfcddd195cd465dadaaaf03123dbd3e6195d50a24a8e3479cc82f14cd92375a80594e7031789153a6f88f1f1d9df102c9247c1169159d4a724125710f6404b899e4b9dd1ad8867eed6267db02186b1583d9178845c667617b09f82203fcef74d45a7de4c04c4d131cce81aaacf12d05eb6d83facb43e102a2fae3a0985b896edb6be894c3681a594e3b3c7d543094a3fbaefc75184e1f5deb061390033d0fd6dcb0c70594b85f0b9948a4ed3f1139ba381e5a22c65a72cb061f515ebd2df85ac162266832b6665af9c04ad0e6add65a1d209bcef3f5e41c95011c31f6a4421ba939fb3c15ee9e4a8195b374dc1008c6de0fec3631b06ad559f82b4b36c2fe39cff4341a3b46b119b27a9df883eb3229f835190b3b6f7f4b7f9f7824191bf1af104a658bf2d4499c7f619bdf25aa42917599f42776933dfbdcf20db67987f11f89019985d93a93eeb6aeb8e9690c9924db1c36c34b1bd5cc6fbac54a17b98def767a5de26e64698a9778d59e50e75e3345eb7ec79db59a8f99a84603d274986e913dc4d626bd44b2fec6090f1de8fc22ebf16ef5340bb1af38b72e370e565289a6ee1de185d7f353e5b860963e998aa58044a9b1bf847233e16952342ca24f07415c0a88675b26a89782efbe22ac0af0def87aa7ed8d14fd23bdf46c2f08b0c40c4c179a282a46c0fcd50a8280c7050eb5a546c9158416e9f8c8b5e64ecf18922c73968f8dd7bbff56a3983f2502cb76fd0cb3ddbe59ddfae5e6a95d887adbd2b781b136fc5a5c19e808dc9aa84f315f5c184b9e7dd037e6db1085f922f0bbd442156b84616f033efed03c206a87c733cfc57d1202dd89dcad1787e076686b1621a8fdcc80816973771ebde777c4f7ff755b84728b51bbf652c69da3308841ee8c946ba0302f09318818c763a1d38751930d5f2debc407c7041437087322a1960795de89ddba8aaf11a082305f696be662be7653a7ed397e5dddea74932e1e6f000e2969fdfc979ef263040f3559a83a64c546c5cc585dd9a38b238819ac1ae65cc78d3e0ff7e66328503b489cb3acbc6308c13fd8477831d700650dcf909de1cf8caadb71649fb022adb5e4f7887940a076966cea00a2c21ea802455d1d6d9ce91364f69414b4d7bb30c78ffb5ed4e8f35340b53ce066e11af44ad34efa6ada894754617d0c2ab97c9e9562193bb799e42e4bad44dc445d371a1b62f358b19727f3efb868c3f73c473b000bdba882634b3ab4393c0fdcd902ef42c6f369740839dad77756c4fe2b67ee95c34d7329b77880cbd2437e2ae63385df40eb92e300632c8338688fb2be65bcfd90150c577ca23e591995a386fa59e6faa9e9dd58e250c0a0d4c81177d0e7337c3b6be151644a8ec5c71f888c21373876e673ddb8397839ab7d83111b4c9fac9a416105cef6d7bbbcc149c1a72f1a568739aeff4d43aa70ea4707cbab6dfa37a693a74a462e26693e6a6fe398711984e1d287469fcaacbaff0db800b94a450e6624f1680e3c8553bb4273b901d895aface688bc12e1350aed78df83b153c61586dbaa53f9108fd00069e593f613823284d42121cde40d7aadd98500cbab00cf593075cedfae93ebd19e0246beed22f0988886a77b49e50c71b0838819b4e1ef89eb1634b8c020856955578ebbc94bfde7c8b409576bdce4153d4146bd29b66fb639c8a2c6b2d5d04e9605e25c6fc5edad73f870128915a00ae9ab0f170e0917ce627ee1ccce3de5332c368417ca9784d6acb3adcfddf8b62f05f628ca044a0e9c18ba0b2f5b46c76787418ad81f60c6a50d7402abc68cb6458a8bd460b8cfac86d6a31ad5a00210d49234313a093bd4ac39c1c5a9562c4fc33c66f7729ae41d84273c3f71049fe380cb6615ea5cc578867fc10c4e5b041291cb3a6a1c3a28c0f839aa356875ea064ab5c057c588642b23466c4835b89d3aab81de754428b138278c5caa627e5aa3e797ea27c2da530314b65dd35bb8c1f8d265a2b71e6a1dfa7093d75b907e9d35b1be90fa7934b93cc2d8e5811f421774e6e66182483867d15ff0f47b933b8a18815a099593f443d1d2a9827a49fea6b598b76a0d1ea3aac5e9791c8ad36db3d9d936e977e819fd4beeb1dbe2ea06a9156c99f124bf7fb93d48142fdd65486ec4987284210f0d9a194f87bbad0b8277da0fc016f4393ddc6e66ba19cb8f5df4e5dfeb2e12ceba9fba5670b3fbfd3670b2f59ca3ac02214cb800082b1329f3d4f216e2c4f328b9d35b0407f4e478f93e3b6103dc71527a095fc9f7858ff32616b0e3eb8cd1893690a00a9738e78902e6c44d42816bb5bfb00aceda90b2665c21dba51b6576e66dbda31abec2fc651f2959b1afa8a36217d8c928061e6c1fe11c8d3b561eb48fb419bad1094fea3cd5897abe8142425e3f4a40086d2cee919f1227eecc8a67a5ca6aeca58112c25fa0b637f2066ac53094b3ad1248686228ddda88539afe18ea4194335e601097c4c86a358a6ccf033cca09873704f694b31a8c126ac428acfdfb7d90f5fc1d8749322c73f1d9b9314ab57d4043083a825fe162c66015a273640f1b79d26f3a3c4494fdffdf7aea4510d7d25e2cd55280ca3b2bb3df2c20cb6699a61364c3b5faf122a9f4080d0b9f0772b86f73be13244fbfc095c2a29ea490b340ae6d3dfa31468fdc5c4b6fcffd9a58e32786ada21e978b23bb568173cb74f1846c4480903a0892abf5080c12e811da8b41ca46ee43f0f4f2aa1527b582f037906f48f9025cc71403be4875b03afea87501f48b3eb86016dbc4307ed907dac26a7d8674a552a73ec9cda9cd41de8057028269022b8540ba54adcfec3e3daf83a7d853602bc41aeac6bcee06421c82f83c14c725cbb10661fe1bf41b574837f5f6cc502c8605d6ca8f7308dc4660e565dccd81fa77b0c2c35aadddfb6f5d259e874ff9d5827480f6a70b7dca12c1170ec504e2fefa0d9a087ec736c8f2c26f1e23b11008b84c976350884dd050d03b2fd6ee3784a12b336fe742768c2e0a9c918c07f73f5b2eb6b789c055d9a6d7d27d11b76876f9798f4b65ac4769729eb82a0339a84aa9af45083e19580a2d85ecb1a994747fa3ca3ddd84b2d7cd0f3ba1e5258f59bf3b573d2f3063bdf1a9080d09875a56ce890572ddd4e799d54749619f587f992d72b7bb56eb2906b1ea8eb78add294817271baec90a6ed91f34283c3e0a1d313c0e90947a04164d688fa045884ccfee71cc3ba53767f2030ccad1c09cb31d1e071008869fdcacad466db57782360f398d0b17a4f8e27e3f8333ec3b4042824ea4ccc76178fb5cb438c0aff1e93ba9986237ab426b7efa966be2fd02ab3213750396cec5f44df923f5cc3f9c68955ab606ad7b572375bb4c668d4edba8c0ccea550bea5d5fd3e92c2fcd78c019e1df0021c1bb00198df9d6084d0ad6fde6f426a2b34e1e7d4b352721be93668a88300f0acb63da70bc1d3588c5942f92d50e583a6a94ece7d18cbfe35c06ae6a54a94d6cd37b16fdc4f3065c9639cb5db7f498510fcf855f3a104769c2d19244b6ef2d4b3c0a42ef0241aa8a8d6f804bf711a9d8512fae4abe127aec074602b78fc4642f7fff959714293df2fb8fd7e5e785c8f0de835fa8e5a067b347c98a359ea7985cbf802f62540d2b764e3877e1ffcc73dedfa2567eb68c3b8151b4434dd2bb947a2a0d71c626cb38e266702399c19f09b426528609186d00e87865f53ebff94930c49d20c41032148b3df4259324f5773c1c8435e6968e9792d762a4a87642c75215cebdb80da1d48b8cf3075769dbb482a642b1a714fbc3e8c96419abf2d9e310a04d468d4471fe19f41da18a3b9838c74762d72af909fd965900b3f6811c830955ae04d42a4808edfdf8983a624be8988b8a32a0ce2adcbd2478a6ed05207b91da8f1afb0b7189c9f87b0ba58e5f29d6ea811280f86a4bc8106a2129d07b915da29f0d230d95df7a27a93b2836d973af86bd2ec5fad21ad70af8896f404e5441f6416124908f85befca958e2b537d50b047ad70a8b5acf160505c3450b37e3aafa8e6b50dd8fab7fb98df24d6b13e7930abe7785dc6433c882bbf87069a000d5ffcb99ee0b1b79cbba4902b85bde0069394b2cfd70bd887230b5866ba25e728253b17d2854d601cb7f12b2f72ac4f784298747b904b1eaa52b7edc42f0f23dec2de8ae3091bb57b6e5dc1f4bbf67ed79ef764184867877ca49907646e4f1aee642ae865ce645707ae524b974c36b719ef3b30dd8bd4677d656be027a09727daa538ba3b0aa942329b80b769de13bc32edff90c562022a3385d5ef583d59d59f53ac4f1deae3de3016c300cf62838a60bf29f76debfcd893b80c6138fd17436471a9dbae3b8f12ea110d6464153d89f54117ba0ab44d7f948909efe0fc1e28301155759e94c35e54c758551ca66b51044ca98d92963586ba2c5bc358201cf33578290459baf1a672f486aa1eff62290df694f747f9e72ceb185448ea16fe43acfe958bd810a9c33d6baa8977628163d5224aa2023b49057638fc25095a2cf3f1191ab5d6e744da451255f08add20aa6544eb3f1b69d92a3d02ceb1adf4508a8a217004a51c69af3b5ce7f33ab3c6c2dbb6a78952cdb8dd857dd99dd2fc78acd876da17b1b8a91d1f4c96e156c55bdf513ed0522c8bc7e8cfc8dd1a76977c45c636c168650d82e3ca7560ee9312c1e54a15811fffad89bc44c0210368e12bb320ba9f763a116c8ab7724190075cbba1cc1d15d4e790e95be4329c7c35b61cf6a69e32c66ac2cdea1e1c39c347c5efbb96d9237d85243880df5b696bf2235f802c2d3d7cbd6cf42d2834bf0d47c5b856eca14a166306db9e17217d1c9e22e5a748720da74050f1421cb6ade2733d934ff3f4ac06348ebd9b248dc8dfda2be1bb137d09ffb0da3500000e1820fcba98a5249c0192129d2a806371d2dcf624dd2e0962fd8920cd2176e5e292fa366ad5571d1fd440dbb0f4f1d246b44dad609aeee816cd7a0e9f2dd49476a908107f4bf1ee71ea55a8fcd75470d63a5a1066e83aa230c9b35c484142572c89d2d66d1554e3be9adab0cc94ff88637dc45de22caf4974fee6ee6305906a970bb94f9f9845a25ceb7c020e78e9f0235369309e84954604d751de90d31bf764e9065a48724ee3a62ef8296ced0170f40c9201a09b8e0f4329416868036996a35b39ce75aebf3f5525aa68b94487e53596f70b5e091dc8957cf952f319c6b02485e132dbacdae8602c185c8ecf86cc26a58dde9265c46149694a9bf7ec12627ce2e485457de508bc0b9b96e560ef2d5cd2704118aece1e4ea15b4c04449c75e91bf0dc594eeb249e5a458307fa0d8e3a2a7c1035ad8155b3aaac508574325d7dd02bb02ec4701132b8cfb558a5a30c919cb2633c733c0b0826c13cecd71c66c6c7c43831104e7f8e70e51d36727e4426dd36c726f7a07653c240f71a7bcf5b6f56b77824a50765f1fd50b3a6408a0e4334deb5c84b71bb7c739c35ac2c98358604aa2f8c7ed6d4165704dca679a2e3d47f609dd78d3885a50e9305ac50b776d0e29fa4c286e6a4906328eef1244729b8a6c41afa29ce7adecc5fbcd443fcfa27c59d54c6ffd53ade6a63893b4efdf94ca0bb974ed253781b2697da2979eea306e9ed53ce4efc9d85c7ee6ed378cc6ecce8d508e5c6a9134539c8088a138924ec6a1935f96f9a6f6864056128a35bbef306b913c100965e32459b96754a16c33c1c9eb9a385a17601badf3a0e2098bf255cab5791ead7ee1a3268aaeb59a6b225b1986dfbe297d90d9b395f676d3a8e38a2bde9165f1ab17c1890b23eac5760d62014a19c7e15bf4b939ef1ec0b4e160fbc031813138d1d336c0cefe17bd501b84b455d01ba3ae2a6d21b990c009c6e6fe1151017c721079dcab44c1de8d0cf6ca655cdb32c70f72080be5f99abd81af3954082d072d05aa277528cf4828ede3572f663b23fcc2a655bce6e35bd341f4d91f63cd95c46da122f49f45c564562e252fb03099db6f9a7134f03c82ae9e2af98ea8def5d5d40c7c62f56723d0f6fca05b64bb6a406fe38f0a1824c12f8bebae475773f163830eb61b6f97bee538044d53895bf9ce8f68b4aa12a66fb163d68cafa301f67e6ebdf4c55d627208315a20ae2f0d477f394f9b6c94e0adb86028595f3b11cca00e57b68e73da304e324a9297f17370184b80bc29b98ac4b3b918b5330494e1ed3c96af7e423651e69cce63b6c32dd8324c0d6022165958588669d6aae81d03ec64308680e087029676235341947216646af7783e7eabe9c2df6ada36d7cc453a2c3b96078d9db69064771ab0d6428d8d8c258f32bf9cc7e90d1131328bfae23fa499d02907b9acdf2bb24f8c083baaf305c31160cef6eff3a1ae243f0d29142235b073a19fc547fa0bac54f3dad14d501eea3f0b5207bb966c7168e1fb175841fe4ca98ad75c6480d208458383b771450179a4febf14779e7a021ff6d87681215041d2225caa3549f1c26551ec97e1b056bb2cebb294ff48f4ffd7812c7b77d8a38cec1be54629400736c9ecbec21b639694980ca10e1ffc2d72b633c4117ce5fb7fea75810e2c30f78ae290cd4cef094d5834932f244fdde8e299192fe1db4713ff23ead0cbe3b38ad1836d8aa646818d3de42c77676abb79f05f31d2fa63c17c3c70835269716fd0417c1440afada13ed57575165e42a7f160475c32177b6f50b2e65e20c74a27f481d5871297ae805a11bb99b9c7b373c629c3a08d84adbb6ce26e66329d83ecfa6c03710a3ff013a43dcc69ab3a72c99944f05d20e20e530a465f57ca9a309989c3a0df1d1f041af84409906e333fa685ab17b941297bdef6346e34448478ddbcaf31c0376251e0cbd186d26edf58c364eb511e30d26dc5ccd32e1252d665e645954b4c3c96cbd7cc3296f440b665a53bb57e1160a025ae725ca007945fe347f06ac64f9fcdd00c5eb01a0d1bf0cf9007742a9592c3cb5db7421d9205a13c71281990b82667510496af5bc8db8e7453ebd430be8f474644e943cc6806b7a59d060c8840a54312bf5238562a1e272d3a88857480a9328cea37de53b7bb7844ef6655171a8a1a49c76cb0e50cb7892fc081db3cbda4268402b0e092ac10cc5e39a7297b6812a3e918a2e510ed021c605357c4a2eb3d5f7a1c5f3a4559f761cae740b3f5d6afae6f9a7899791ef492733dbabaf62cca0f4eb8b4d87d015a1b126b58d5371fe4fc1c81a217a53d3b24881a7bd0de3ef94b9487a14f831697a6c9547fc9df2bff8e228caffbde702a0e7cd267be77365394e8ba2475bd6e50a54737bd713901d8d1f53718275b6f1c1bee6d5a00519ec610ff305e20d276b7413ab1527cd6072d84842218d43dd026f4ea31610faacd33ae4ff49172cb410ef4ce8b8ab5b0ef70aabaecd981506d6616b3c30fcc405c5222291e2f3cbde7383a6814b56b1641cd983bda427c6182ebfb462dd20f7e46fc55516db690abc5c8ab4caaa21548c763eaa80140a51d1a037b87c829f65b4e628665655513787346837c3094d3d8e38aeaf0a8f1d4bf6ba84a09bc47980037ee2b0dc05d6ef7a9d63eba77cf803218b4689fa8ca706236d91d8ed8852c75c4a492a77964107dd7cabf1172868f51e87ee96f38c56da92e511a7062997026f01e0dd13cc30f53a90a5aa7f696088d945557afd10e3e062ba1804bcce2c52a8a2b54b0eb7b865b9fe394f9ab0c8bd0890117f1bb01d4f331560014afaca39b16d98b4a40f536f690a69ceb2fc6bc4bd7540f760c3738770c0764a9fa3108c7119fa6492d498988e4bd496eb42dd60bd01a323e77ce4949c9d7f7da7f98dff0b90598e5e32c600e7724287c6e4762b7a4be4d69f80d125987444cff287ed2c3c80eba2f91450d0d13d1b9189dd4b24700917545c7adbb4d86aa63be04c61954821617c53877458c7ad3ed2970116ea28a4237e27a81426baf32f60f4c430c4dd63f387b50996d1c7303374725f2008498688dbb5a6e84fd8fe42b027937296a9f37e8f5be730ac7a0902bf1b1169f56c6ae7d9849c64c1e483b7d9852a19c255793a41064a97b4f5036b3eba49219e51f7647d652f310b386c47bbf758beacac9d4a5afa2fa84fb9ae82f6484698bdf8a950c07fa4cd3a720af136f52de4df29f7c3cb9aa71f4a6c7b14eac577b6a0aaff394ed5144a4f89500abb6b8b48f64c1f119628ca8a0cff11b12b92cec6ed71e3d99bafec75a30357c1e59ed6de22ffb42fe420b6ad863587c02d889de3fc24462c9a70912956a633a857c185a151e9922ca9365045ba275c10278736fdc5b221a41f207a4e8c878761a1afb7f9fa59eefa395a91b2d08344a7fa0a1518bc3a1b0d749bbf5a6772ffe8b0f612c5d4ee72eddf3007dd6f83403606ba74d101cf57a3881f78332666fea99e8394926c734f1bc3de5a8bdf5f486e5e557d2e3a4e9c0334cdad51ba2186dc58c70c117ee99a22dc14a7370e88e45d5ee35f4ddc349b333de6510a3b34ca558920e04808bed886638db09a07ca17b4709f56b6bd247f71c1dc7d888104857fd1b9f2c95f43604b48058e7a044dc3a0a46c344951865e9f2c47451abe215f12fb255d08775b0a977dab035cdfad6c2574e10a9b9c983fac90a7933d1e46acd260d0982a54151faabe6e0829b8a27bc9939a9fe65f538db514261be4e257a7d9b820143608560bb00351e67b35ffc90f288526e373453ec499ba2cb64b44c8149a81f742553d25be0689eb8f2ca48d90728e423636de06c64a5a0bbbb5da2a7c17521c09192230d3f61093d1fbd3a4d1", 0x2000, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18, 0x0, 0x0, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) dup3(r2, r0, 0x0) 889.016499ms ago: executing program 2 (id=1386): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x2, 0xc8) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000340)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000040)=ANY=[]) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000001500)=[{0x0}, {&(0x7f00000001c0)=""/224, 0xe0}], 0x0, 0x2}, 0x20) 791.057252ms ago: executing program 3 (id=1387): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0x1b, 0x4e25, 0x0, @remote, 0x9}}}, 0x30) 790.871891ms ago: executing program 3 (id=1388): write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x20c01, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000df100bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x0, 0xe, 0x44, &(0x7f0000000280)="1d5ff8317ca952a2ba4bfee0f003876e7063e8729dee4da8c9a91b4a487529a1a448ba55956c7a15fa160fdc09bf6600000000000001c36c4f7b28e13627dce84b8b9b1288ca25dff3d80cb380a7639b9a3ea9e1adaae4ed469e1388151d485f3a210bd26e9e653315124584a1978d950e49c04b100ab4f694c051657f2dfd7c538c6f177aa5f6b6a88c2a3bfa8795faef98ead17065ceac2cac299760462e763c74bcc4a341914875d616d0", 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffef8, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x1b) ioctl$TCSETSW2(r0, 0x402c542c, 0x0) 689.192127ms ago: executing program 3 (id=1389): socket$inet6_sctp(0xa, 0x1, 0x84) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000280)='sched_switch\x00', r1, 0x0, 0x6c}, 0x18) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x14) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000180)=0xe) ioctl$TIOCVHANGUP(r5, 0x5437, 0x0) 470.269817ms ago: executing program 3 (id=1390): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x16) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17) 240.98178ms ago: executing program 3 (id=1391): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000080000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = dup(r1) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) futimesat(r3, 0x0, &(0x7f0000000280)={{0x77359400}, {r4, r5/1000+10000}}) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$unix(r7, 0x0, 0x0, 0x40) r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0) ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000080)=0xf) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$TCFLSH(r8, 0x400455c8, 0x0) ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000180)=0x2) ioctl$TIOCSTI(r9, 0x5412, &(0x7f0000000140)=0x3) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) 240.176935ms ago: executing program 1 (id=1392): ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f24, 0x5, 0x2, 0x8, 0x1, 0x2, 0xfff, 0x5c952399, 0x5, 0x3ff, 0x802, 0x1600, 0xff, 0x1, 0x9, 0xe1cb, 0x6, 0x80000007, 0x3, 0x399, 0x0, 0x0, 0x0, 0xfffffff5, 0x6e, 0x7, 0x1003a, 0x8, 0x4, 0xfa, 0xdffffffa]}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000080)={0x98f, 0x2, 0x1, 0x7f}, &(0x7f00000000c0)=0x10) 171.561412ms ago: executing program 1 (id=1393): mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r0 = open_tree(0xffffffffffffff9c, 0x0, 0x89901) move_mount(r0, 0x0, r0, 0x0, 0x276) 171.330884ms ago: executing program 1 (id=1394): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x6, 0x0, 0x8, 0x80, 0x7}, 0xc) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) sendmmsg(r0, &(0x7f0000009980)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)="ba5bda5073c7afb89e344d0a860f42b4b5662005475fef8a4827a7ad71262f1ceb7b111409e326a16a8c585fcc11a2e5eb0a30a2d1b0eaabdb0b5600d79f583fba1842963e709d59181f8c58172fccb285fe6d6d071d30689863a388ca2ff9a26eccc32454014003535c734b6b7bb658add99b4ba3477e8f2af20fbf366a6be84a8911ef793bf4d5b82ad7e2dd3172b3372b63c13b2760f04fbeb2c4228d8fcbe4c3eb2bd7d669e6d4965885c5489dd92cc723c05711a0dd71b0d577ba888b31feebf7bf7c14f682ee28099f2953adf379746f51b7e11039df112cebfc87067e7ec8fcacd3e9914f3a731469efb26bc3b1ac3b4e1760acfd91ef9f49240a956dca8db13a86ef7d34430f8ddb48f6e844e3c4a53fbc19d78431eba3b42423a76f200237e45fac3d58fea2297fbaae8914774fd0014a131e5cb2324eccbe83ff7b7d5925061c1fa30289afe9e2ee69f03172a8aae75a6ec52c53dd9d4e037c7bfdf834d620fd6ffe501ff9166fda2e23df71dc2f8141e20f389035db2a952b8fa3092b138e6d6ea468acea088ed2fa75bf9a264833e77bb1d75604d57fee5147921477912ce187bc60b8c3d6657c4a6f28c9b0693dc0a68d86c03ebf8a1a9bfd55c4af0bd897577664e5559741e16232489f2447a3b477f6502c74de9c639569d1f9d61fb9c7f46a4b6e4e1d26a49ca6c2bbff65146c40319d1e4edef88a28b5fef652c706a2836836d9df329753e7aacc46d4ad14c716f34c02a1fd7438117e82c6bb5cace58a7a10624e3dec1d0026985d5137e42464c1fd4c502e58f8b8e3aaf9dd2c7751abb92fbc62c9d7c6a523d52098b3306d47271c7607b2a5b51ba6ab8d4cf81dae09276360a0e8235d4530316318391e7fedf94777c7a687950a4b0e5a82f1396567847ac5e894a73b38107aad3acde43f581a7f7303ebdf2e2b3930d7dcbc87a484d4c9f6e25dedafbb03cd9081e5994912f055c35b4ba19475edddf48cd4bd3f00aae0e2348a2a05d1f4aa2e60fbaf1f15e6a157f514cdab4d4b7dd2b013c1dea94daf7a0456bccdd548a1fc5c975be128e5ba0921133fb433688a86a62b3debd527063377d3a3402802e2c519121f174361dae6ae56ed20de18a8b83d942a28bd99e2740c4126c8e504f8f7350d138df6c35a228f3a3973237ea4605afe0aceb5b4fc7161ba1e0a647b9457342c44d8fea94a1f5babeee15c13ee63d2d33a20ea7c6a2b03e2fb9c9e5f896f338cb437868e584e04550d4705b551339bfd99cbbd45f8eaa04761361f1ec25d2b843b4c83c437ac13b5532a3bb38dd3d340ea03e25ba32f5ce6d9491e5cacd882c416f569b027a7943060692ab8fc0166a1e3084862104fd9cb25cfb7545eba240e16a04f393b16be5e1f559475fdd642ee681dc37d928c5f83e7c7210ce6a41ae4fa3c8f81a3b35083450d14675c198e8878e39e889d7de0868f89235b323befe4ebe4795be744f201ee3f3d7ec692d1f1a9768ea747307def384f5226b7cc00e049a21f0dc55653a8a4bb32b6fdce16efd408f84132a93fb6ded619e63aa4c66f6a4a0052d34a4f594447c06272e61f3bcec74134822a51f2fed58b2959c210e69a5014377e0c28781a0c1b202545cbdf713fb197f1a78bf0720d6d9d12a36b7f21fe8dbb924919f840191ac9189f8aa3d5e605b3809a76ea7cf94e10d3268704ae322bfed1abe1029bf4efc9eaf9d1a073201ccd11c88fb78ea6995c1c143b8521d1028fd9d8f66160301bc5afe0ac5d737d25c9fe23aa659a57650f2237a4262ec13843f195773fb1120152e4c360a2887f11597885113d330010e1f7defe27d18ad3f34cf9c9811b05770150be10ad23ec8e593e1bce1d06bf33e8ad268d8111bf5c2fff3c454b9b859bd0f868e0c1bff2efce88c9ad10757904d3b3596572d0fdedb24b54bc7e6a123ea46de0cf035a3f7206864a1df3996d49a2288bf93e5212291c1a30803e12ddee34e297573a0f57e9f6ac8a4d4f41001113175b52df6d68030cb980e1c563968c11fe6da1754ed6b2892df4033803a495ae214dccce7bd38f4fd2dc4665ccd90d3c74a5f9c12499ae952ad48edd9f395478381d8586d7faaf751c151d9cfe945beb90b711d550df16fa7a7a1f5798804edd23da64e7aaf6425c7611d9fe90d50af3e3f5788f2a101cdb724d7b5088d06fad2b66877797f12f38000cb672a65eb80ce35e80e2301aede34325c4ef51d359d5bc74cc264d7225c96ffc7aee739b3530bfef15f69ed43cefbb5ec02c13bc918174134cdafe4f739382d94df21d8ae161ed41e2de556e868b302bdb4b088e6d70df5cc5bbe7d39b5a4b784b0b32d7eb0f35fa7da3b4e1b9704d9820b98e6504a501e278a0dc2e65af4d0033f20b73b70ee22e4a27e765aa35b5f836c09b7d7cc6b6c4dc0cc04e2986d47c4d487fc407079540889a96bd07127924cf453b580366ff848c931239d12da2534da9e9ba597abe04fcf7c58991a01ca8068faa6b326e8efb3733d3de9aa94493735f71b24a667dad7d3aceafa9c3f6edfc55f7dee6dd196bfa27c1550fed875450174477995aa6fc07fa97b4bf410190c3451840bad5211fe4a2b332aac7bc3987251f6c9809b568d240a4733b24ed1a621445d9ab5768641643b7d6182e85339d723f140f7544d5b5d4590fa8ec19941681f22e6cd93feb69b4692962d284faadf6507f8fbe2ff00ae8a8762dd976199652cb65bf9936c27b8e621010b8ad92e3bb3e2936fd0ee1a43793ccfdee78fb10a86b0f476b6847a01b25d518f58a7176a1d2d921e9a786c8374c3254afd0f170e7b6c8672f938e7edaacbfda2243fa63e122298de5fe56bf9bebfb307db8efa28ea9fbce71d510e36a5fc8964a21fe6d6a25367d30db307085098667c79d48cb770406606bb3497bf90d5eff7c9f3d52c92f041a5a83132d1ec06feb3ac21531ef5198f0d2772c82dff54629db561e2dc2da742c4a8d33f43581c92d2441db911fa56e4abce41a4f7c36e7cfb236c619f2ea4fcd8e4de0f34054d3b28b7b01832642afc23adccc4c4dc68948a9f8d006bddfab3b4f38c0", 0x881}, {0x0}], 0x2}}], 0x1, 0x0) 139.588958ms ago: executing program 1 (id=1395): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) ioctl$TUNSETDEBUG(r0, 0x400454c9, &(0x7f0000000140)=0x6) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r4 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r4, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r3, 0x1, 0xd8, 0x6, @multicast}, 0x14) 1.097092ms ago: executing program 1 (id=1396): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000180)={@hyper, 0x1}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7cb, &(0x7f0000000100)={&(0x7f0000001080)={{@any, 0x1}, {@local, 0x5}, 0x400, "4145fdc5fec7663a106cef95c8d86f03d655b82e62dc5204ff06732791d90936bf31f7b4eafad3ed43e8da42de6780edce2e2f941399c9b9002a6a538fc1ebd3e994ce6fa4a67c775c476cdbedebbe34904cbe0d5808cf5892aa1e563f949f38cd2ebaa2c46464183ead798b1af0ba7ad5db77736a5329e7297e674242854f87ef03b0fba724523033529e64be44188740b9e9a0ba6944e9724c4aaa8470ab8d35a1746a1da4dfa2112cb5135d97efae0975e7fa5e421fe7ec12a8bbd7714076b63ddaca822d7c0383ccc4e21b11c8a0443850c05f4bb6716b6ba83016b709b44a9959c44daa717edf6b43f7c235fae47730ff2d435ed29d062451ab74bd9f65d9bf96e1afc645ca2249c89146fc815210d465ca0ede0acbfe1165b15d222ed668b79b14f901178d35e7421637588c887b0f2335ea84a442fc95bbcf0ea3b308ee18d913901cb8f40dd2798e781c4b1c620c23565b5bc18e25c206f772c863c8a8864f460c239033717d41f94fbf13b1d0c7271364bd6d144160e1df33fcb33e5d45a5e7ea4264d089397d7e022c6e1f37a2e464c01b4df6a906d3a46d9432ba1966d73aa0627491e3b3c33bee03ff2138896b64862910f24dbacc3c686e0059ff5915c8b69bce3c4022c5c80d574274d1107c9935898ae444a6c38dbd8319e778e1a86a293094bd98d0ae3ae2c32a4bcb20e0517c03e7b46839f4e3601ff98244ca5485cacbfe53c935cf14038bba908af19834a86b56cf68a7170448a434b55d66c080ea095b02ba4c3f8ba492c9e50111bf1b3085cc0f3938a58609a337e89eba9271ee071a8b9f3ab4ad0fc3c92a48cb6bc63ed74877d8425c88eb40d18c6260d2221dc295d1fa1557cfcfe1cb3a1d61b4b1235e28903ae5a4d3d358f6d3e2c87b110e38aab0fd1ca2c047b3ea826d8cd9b980b3fc64fbf38d0d3fed0057b30612880a3d93aa3e16e1c1902cc8c206d7732f426fbb063b020a03d08e3bcd4ff32c30c8ea424ea0c746e72c23e8d53576cc801bdf82f8bba865074e5dde3177820c24be87b9bd36e30a81d1d50b5aa0628262d46d19060ae37a33aa8e515fed3f8bfdf65ba5f8e11e4d517a50ce03f82bc5b3c8e9b3eb6572f1a686430170ce64bc1a61246fd99b2d8a3215104478eead271fcca07bc66e637d5543ad47147f5ad50cc5a203a37b7d2f67bb0387ae189ee7d5cfc0a421b0f0e6286aaf28a3eadfad1b8c83a26ac0a1d4a3846d93e161c82be100278d94e35fc7b5f1feb833f1b975adb33bec5d777cfbdb2c5fe171e205fd6596b37ba646b9ecb163fabcd89a469f6ad539a80937748105298b0a6364d75c6de3cbcbb96c440d5489f3f47149551e7f53d3a22d837cfb59c3e43f0c95760791ed36ff84ae82a679e4e062461bda5db7c27fb00c3238266734bc7c16d45ce7cd3f0b7e63c309977816048f24"}, 0x418, 0x8}) ioctl$IOCTL_VMCI_SET_NOTIFY(r0, 0x7cb, &(0x7f0000000140)={0x7ff, 0x10000, 0x4}) 601.485µs ago: executing program 0 (id=1397): open(0x0, 0x0, 0x0) userfaultfd(0x801) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x11) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) r3 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_FILTER(r3, 0x6b, 0x1, &(0x7f0000000000)=[{}], 0x4000) 403.041µs ago: executing program 2 (id=1398): socket$inet6_sctp(0xa, 0x1, 0x84) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000280)='sched_switch\x00', r1, 0x0, 0x6c}, 0x18) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x14) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000180)=0xe) ioctl$TIOCVHANGUP(r4, 0x5437, 0x0) 0s ago: executing program 1 (id=1399): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000006300)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000390000000000000000000000850000004100000085000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) socket$alg(0x26, 0x5, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$igmp6(0xa, 0x3, 0x2) semctl$IPC_SET(0x0, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8) r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x8001, 0x0) ioctl$FBIOPUT_CON2FBMAP(r4, 0x4610, &(0x7f00000000c0)={0x1}) r5 = fsopen(0x0, 0x0) fsmount(r5, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffed4) sendmsg$nl_route(r7, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x2) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x3fd4}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r2, r1, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0xd69, &(0x7f0000002340)={@multicast, @local, @void, {@ipv6={0x86dd, @udp={0x9, 0x6, "a4f293", 0xd33, 0x11, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2, {[@srh={0x5e, 0x8, 0x4, 0x4, 0x0, 0x28, 0x1, [@private0, @mcast2, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}, @hopopts={0x62, 0x17c, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x48, {0x2, 0x10, 0x3a, 0x6, [0xfffffffffffffffc, 0x8000, 0x100000000, 0x80000001, 0x7, 0x9, 0x5, 0xffffffffffffff01]}}, @ra, @calipso={0x7, 0x48, {0x3, 0x10, 0x9, 0x1, [0x2000000, 0xcf, 0x5, 0x7, 0xfff, 0x100, 0x2, 0x5]}}, @generic={0x8a, 0xb45, "02dfc379e54dd6b7d4e5ee76890022c796909b70400fa6afa8550fe41c03806ddeac86b77c358c7b0e05b788f3f500caf1ce28106e0a06aedd03d01442011649e53abff0acb8901bfc927776884100350d65ce5bb6ee9217f4561ae0fc8f0ef9ab1a58ff875308bc1b46a8e3d1666f947bf9b9f2acdd0d47abd4c39c66242ba5a60ad9b54cb7484c1567d291d5bfc701e8e2ab8507665597e469b757832ddedb820e1b2f5a8834250fbdc43937299136e7675103f9e613faef663d22cce61c765ffd3c43c3ef4c8110cc354b8129edecbd21b4fdb5e49e7e3f398baab79240d069c3f1141976a597671ccfbdd0a88d34cbde188c5351a167558b5140aa71d53ed67b3af40a7d11a9e3f8b51587f94173fa43ee7def4e78dd184591a72073c253eec922578f9a6d27b6df197b81127b527292eae1292ba93599c3c66868be2f62c7508f543aa0c00666dcb53605d7b539297d77ea2b1bde43ce6f80a1d4c4d3ee2c96b2bfce54b382f3c85383e8631c87a13a6196a3378dddb6ee0734b9fd0d13860ed94d4a16d988f959466a8b3aa052573538a6cf7ab51b7e21a46c8d24812bebec95032c59d15ab9fdc263f679655d451eb191748537918966946788c89678123a805b174e9e9c9586fc33e36a3b96457b3699461321b23758beda25dacb68788ed08bcb0911e17022896f3effb6b6481e5ece5adc28f5ec0d7dc11df7a936c5c778429e03deb858d3e6ae42bfe792f5328baaa6bbf5dd8e854c2041737f183b2e5a674616e7fe50659b9190b91b8290c52ebbc09dde748a451297fcd7be5f31fc29663d842887550a55bffaf96e189260c24d7dfa96fb355945e8abcaa6b719ecf65c3702d3b229bce50aa1f78b697ec707f3cf75045bd802ac708668d1fb3427f2decc30b39ce36d77fb2abac8ffe1af1f475850c4b68cc96d886ca183858c1625e45f6096b1aef6972cad8e5a8e91ba474bf2bf71c5b1d4ddbff3057211789e1e39e57c4253d7324965cdf75c1171cc2c2d3924964a71592362570e0fe2a01f3082518e6036190aea949aeddbb34a2314d7f120a0f64b27790d9c1cda39c5644db8568e0238b3b046b5ebae2e909e16cb7229b2fdcd1e95f6b3945f35469032764e99f23d05aac3d1cd4a2e5f3c39f02c0f4ce4952637dc105224d089854682da4732653446915902e240890c893e49887db8deeb7e13a74aff31d0384493cd55cdca8fa479f3ea6fcce2ed3da0fb086ae6abafdfebf8ba63067d644a7933a11f978d3c9dba3bf17e2e8302bb448e1f091c0a76664c5faad5e0b95a1c8f5071035ae818572b934200726021dbad03040051003da464212e976cf1807c8625447916a0a541648e0557c623108d134cd935c271735af841de670363db0ae3204b1a764312ad8fa3b7c4af9cf8616617d8c600fd06a9df57be7678b91b19c7a0df274131c37b5af30e8b70860279205777f6c23e8e1f8c9e4817ce7d812740ca1f71e2c0c84e93541ac9da1dd0f57bc1c6cbbc62baa5755e699df7a81697d8cb097bf7195ec60548c14b4e52da87d2a4a45034235b5b21530f1b20dae9bfd151b68c278196974452fa558dbe18632e771e77fb89c06d32ff3f0ab040610578cf556fb0fc93ad2f51934cf4bf99e6db3e615ddf356cb127004e897a064162ec40b88646a133fdbc56b569d0da2772aff012be81557e148c85d82aac3d07d9f599f9613753d4f0cd21063839637ceafb4e2d37498ba4011a673b75de2ff40cc13b3eb701f2240f3d65b9d991bd2bdaec92409372c708c83a5910403050207dee7d3dbd256093b858d6efeb230613aaaa81e72b1900a2892c2fd1cd7f75f813f1bf75b0db3e80e1f7bee7ade5c6d992980df74cab065612c0ed787d21e82db2959bf1491c4ac2f1bf7f49fe38e484cae2fcdfe16c17b954112dc2cee86b2d144d37f15da7c326930fd29ac406ce087a5ee81c29b5d97e64b5d948adeaecf45ef360ed6d11edc6c617f6d10d54df9f9e3f68fb65bc9592b9e50c61e671c5491e2d5d18a990456ab243810330c90312cba036c8363f258db11163a1b59aa0126c067c45e08910f9f80777f4a50d997aa7d4fd04e00ce733bfe888850cb69daef51e9d6dc5c586285f3d0ce669f8e1ea389ae1445bc17858706fe83b9993ebd9ba2b5d959a7b8b1f345b7c5a83a1522cce80f27d8ebe6304f8d9876d5cdca4839ad0effbfdccbf410717318798f090020c60cbf437224f997823d525eb11c0d0bcb3e3276e90bdb3e6b578b12719194a94c96e62f14623f4a1487df5c1b753fd4b6ac12420133092144820b93255ebe44d6bc42db49c35e2b23157ea694187f649457d5afee97d2812b9d0a222cbbae17020b92ca9cfcc923c258094c8b56b76786a49e4f37e1a5b9702a657b0384c4d1bc2d1ad4dcceba08b05529c230ab3c3e41c57c2f0b7d5bcd1040bb92e74b30341e324f440694a7d2bf74782a4e56e9ff2762a6db4dda09463117cd579cc4f8489347ffb4dfa3137505f8b95606f3a43d77952688bfcf47614c725510b73bb5e88ab3e1c17eff99fabb934a706c0a82c22687a54b4e19253d21adfc0a7bf588f7ee8fd27448870c15c6f53a765c7e59cc4479e83f62a465fd7dedcafb7a83c9bbc4ef37799359985ed40c6b8e2783a963811062b8752dadb4c78386819c8cbfea8cd51ed3d20b6b9bf4319ed38a74effd60de17509f31d17da711905cf2f1a1a8e563cca05054090e8ff314dc30bf86c770b110248f492bd52bb6e7eccad39355875492b510b386f6dc5c475401b65609a53b42f5510f37faf5da016a3f2122d22cd398078c9353a72aa4db9a31b6911f6a2d192052e30119522c854d783850dde5b72902a496f59796f7362463f156db1e64d298b9265e37bd163bb5f648206e40d4289a7b089a6877768daecac86276405f01ea627e8f1a623aed9b4a03a50011f6c5a619b14513c5a9fec76446e4ead1c56c3eccab1d0fe6855bda047b21e36a68cfa446e82b7cebf197642a382f7c61ae48ef22454cde16a9a495a35a408172b8e95eaeb57d3b4d3e59444be4b65ce98c84fb9fd62bed1f1cab1dec8a95a5fa2011997598c963aaf9604169000d7ce727eaa5ac2b9264561b05867dc568c36e66d03496be83406cfb12f3620ab859f1a996a3f819e4db78d7ef6ca2b00b3cb5f8169cc8af3a5b0064709582be85c729f27376af6f248f3424d6f845dfdd932afce7a62d2c16c3615b7910942fafe77283f650e44a4075c20c7239a928c313083949af57732f1e9ce6e87c6122867233cd032407d6d5aaa9330974fa0afc80b89fa3088f0a514e9eda553bf233f2dc72c8d203701307763b82f19b9c5c9f7832d17a3be1e0201308afdb52cdb8a8997890e17f739e4967ff41124eafe010aa20436fb7decc300871511a10a0261c670917f43767c3f29ed94938c549d4eca4eccbf0dd82abfbe2d25983079c4646ea2fe25f743deb86374175f4ead532cbc26c2e917e0f347a7660c1993d0a2738e9d3d12f556244635ac3f37cbf7011f5452f007d78bf53a5d90d17bb69e182ad7c0add48b5ce9a2cd16ca0b1739734677b3af6a2c3daa86db472590107b7dca74e543b2176ff48f1328a494843e43775273c153907047b412cc2095073f00f22784e5b2e9abe9f6e24f8ae41179d93f4a345cbc48fc76b7df05f84cd4b2b8b2a66adc1b005fb8013a37b2427dd745301e8939bcb76aa75baae6d61b7558ce337aded056a23523027ed293465d1aafe16f96d912b5c881e06c0ee8cffdd1702565109323dc2366de6a2435efc541455362e6dcece1df8bce7b848d810ad1c3ebfce6a48facd789fabd2682e238772be29b142ef86a66c59687238e8da2f22f4af2d60b50dc3b35c12911015574c875aa8bba2cd2fce0adf7fb0991d37c8a4367edec1a40c1d4eeb30c4e5b83597f48738979c1c66ce4e880dc7dadcf22a7394a14e9315ac4eef6d0cc3cf87ef8edd109005b5347fb82582895e2dad4caa4e9c8166c0c2c92120e946c9f4a1760333fb3be86064e7e749e8fa6e897943d3d6235b2ea5b94263feebe"}]}], {0x4e20, 0x4e21, 0xfb, 0x0, @gue={{0x1, 0x1, 0x0, 0x7, 0x100, @void}, "26bc4d426df105a1b58f88af5302632add03e74e52382f19361f1ac1f419c10d8b6bcf60e47c33ead5f2965f642051faafa26d8ebe6a0e0cace9ef28675a63eca98617a63b857c37b5785c467a08a996f9aa07fe5cab460e9de65bd9e2ad58279e4f028fc7a6b55dc1d00e27cb2ad9861d298078b453f5dbb2241454dc9b9bc17b74bdd8ad9bf50703c1d01160085441e3ea5a106541ac9d52358163e17b4702087136898c219933a98f9110629833a0c862f81772042367f47bf94d89459688ae2ecd90d87f258f6f821ae7b9b1ebf9d870f62da8c66c69fd85a5c1e297edea907ab62050183c7dd6ae1d16420da1"}}}}}}}, 0x0) kernel console output (not intermixed with test programs): nterface not active [ 170.766125][ T7766] netlink: 'syz.0.416': attribute type 10 has an invalid length. [ 170.769431][ T7766] netlink: 2 bytes leftover after parsing attributes in process `syz.0.416'. [ 170.773543][ T7766] team0: entered promiscuous mode [ 170.775738][ T7766] team_slave_0: entered promiscuous mode [ 170.778804][ T7766] team_slave_1: entered promiscuous mode [ 170.791679][ T7766] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.800827][ T7766] batman_adv: batadv0: Interface activated: team0 [ 170.807434][ T7766] batman_adv: batadv0: Interface deactivated: team0 [ 170.810230][ T7766] batman_adv: batadv0: Removing interface: team0 [ 170.819334][ T7766] bridge0: port 3(team0) entered blocking state [ 170.821828][ T7766] bridge0: port 3(team0) entered disabled state [ 170.824072][ T7766] team0: entered allmulticast mode [ 170.825806][ T7766] team_slave_0: entered allmulticast mode [ 170.827754][ T7766] team_slave_1: entered allmulticast mode [ 170.830833][ T7766] bridge0: port 3(team0) entered blocking state [ 170.832994][ T7766] bridge0: port 3(team0) entered forwarding state [ 171.200200][ T7778] process 'syz.0.419' launched './file0' with NULL argv: empty string added [ 171.510922][ T5994] usb 7-1: USB disconnect, device number 16 [ 172.576810][ T6008] IPVS: starting estimator thread 0... [ 172.660170][ T7796] IPVS: using max 45 ests per chain, 108000 per kthread [ 174.039359][ T7812] netlink: 40 bytes leftover after parsing attributes in process `syz.0.429'. [ 175.780275][ T54] usb 5-1: new full-speed USB device number 15 using dummy_hcd [ 175.933064][ T54] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 175.942396][ T54] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 175.945384][ T54] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 175.949764][ T54] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 175.960452][ T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.190862][ T54] usb 5-1: usb_control_msg returned -32 [ 176.193311][ T54] usbtmc 5-1:16.0: can't read capabilities [ 176.318695][ T7843] netlink: 277 bytes leftover after parsing attributes in process `syz.2.437'. [ 176.321813][ T7843] netlink: 277 bytes leftover after parsing attributes in process `syz.2.437'. [ 177.284191][ T7855] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check. [ 177.513085][ T7863] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 178.357162][ T7880] netlink: 'syz.1.446': attribute type 10 has an invalid length. [ 178.366367][ T7880] bridge0: port 3(team0) entered disabled state [ 178.368721][ T7880] team0: left allmulticast mode [ 178.370970][ T7880] team_slave_0: left allmulticast mode [ 178.372701][ T7880] team_slave_1: left allmulticast mode [ 178.374439][ T7880] team0: left promiscuous mode [ 178.375962][ T7880] team_slave_0: left promiscuous mode [ 178.460231][ T7880] team_slave_1: left promiscuous mode [ 178.465300][ T7880] bridge0: port 3(team0) entered disabled state [ 178.468982][ T7882] netlink: 'syz.1.446': attribute type 10 has an invalid length. [ 178.471615][ T7882] netlink: 2 bytes leftover after parsing attributes in process `syz.1.446'. [ 178.475958][ T7880] batman_adv: batadv0: Adding interface: team0 [ 178.477866][ T7880] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 178.485634][ T7880] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 178.489156][ T7882] team0: entered promiscuous mode [ 178.490973][ T7882] team_slave_0: entered promiscuous mode [ 178.492903][ T7882] team_slave_1: entered promiscuous mode [ 178.495617][ T7882] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.497817][ T7882] batman_adv: batadv0: Interface activated: team0 [ 178.499860][ T7882] batman_adv: batadv0: Interface deactivated: team0 [ 178.502051][ T7882] batman_adv: batadv0: Removing interface: team0 [ 178.505554][ T7882] bridge0: port 3(team0) entered blocking state [ 178.507696][ T7882] bridge0: port 3(team0) entered disabled state [ 178.509830][ T7882] team0: entered allmulticast mode [ 178.511636][ T7882] team_slave_0: entered allmulticast mode [ 178.513372][ T7882] team_slave_1: entered allmulticast mode [ 178.516212][ T7882] bridge0: port 3(team0) entered blocking state [ 178.518163][ T7882] bridge0: port 3(team0) entered forwarding state [ 178.878861][ T5994] usb 5-1: USB disconnect, device number 15 [ 179.285354][ T7894] netlink: 277 bytes leftover after parsing attributes in process `syz.3.449'. [ 179.288303][ T7894] netlink: 277 bytes leftover after parsing attributes in process `syz.3.449'. [ 179.302747][ T5994] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 179.467645][ T5994] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 179.471430][ T5994] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 179.474802][ T5994] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 179.477716][ T5994] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 179.483296][ T5994] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 179.492657][ T5994] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 179.495884][ T5994] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 179.498599][ T5994] usb 5-1: Product: syz [ 179.500108][ T5994] usb 5-1: Manufacturer: syz [ 179.565334][ T5994] cdc_wdm 5-1:1.0: skipping garbage [ 179.572139][ T5994] cdc_wdm 5-1:1.0: skipping garbage [ 179.585227][ T5994] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 179.589402][ T5994] cdc_wdm 5-1:1.0: Unknown control protocol [ 180.197279][ T5994] usb 5-1: USB disconnect, device number 16 [ 180.363413][ T7907] netlink: 'syz.1.455': attribute type 1 has an invalid length. [ 180.395399][ T7915] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 180.399692][ T7907] 8021q: adding VLAN 0 to HW filter on device bond1 [ 180.428143][ T7908] bond1: (slave veth0_to_bond): making interface the new active one [ 180.432668][ T7908] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link [ 180.901234][ T7930] ubi: mtd0 is already attached to ubi31 [ 180.905048][ T7930] netlink: 24 bytes leftover after parsing attributes in process `syz.3.456'. [ 181.149334][ T7932] netlink: 'syz.1.458': attribute type 10 has an invalid length. [ 181.163828][ T7932] bridge0: port 3(team0) entered disabled state [ 181.167257][ T7932] team0: left allmulticast mode [ 181.169401][ T7932] team_slave_0: left allmulticast mode [ 181.172118][ T7932] team_slave_1: left allmulticast mode [ 181.174505][ T7932] team0: left promiscuous mode [ 181.176595][ T7932] team_slave_0: left promiscuous mode [ 181.179485][ T7932] team_slave_1: left promiscuous mode [ 181.183520][ T7932] bridge0: port 3(team0) entered disabled state [ 181.236867][ T7932] batman_adv: batadv0: Adding interface: team0 [ 181.242248][ T7935] netlink: 'syz.1.458': attribute type 10 has an invalid length. [ 181.245858][ T7935] netlink: 2 bytes leftover after parsing attributes in process `syz.1.458'. [ 181.249174][ T7932] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 181.259647][ T7932] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 181.283099][ T7935] team0: entered promiscuous mode [ 181.286450][ T7935] team_slave_0: entered promiscuous mode [ 181.291033][ T7935] team_slave_1: entered promiscuous mode [ 181.294096][ T7935] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.296604][ T7935] batman_adv: batadv0: Interface activated: team0 [ 181.298688][ T7935] batman_adv: batadv0: Interface deactivated: team0 [ 181.305807][ T7935] batman_adv: batadv0: Removing interface: team0 [ 181.308862][ T7935] bridge0: port 3(team0) entered blocking state [ 181.441954][ T7935] bridge0: port 3(team0) entered disabled state [ 181.462098][ T7935] team0: entered allmulticast mode [ 181.464270][ T7935] team_slave_0: entered allmulticast mode [ 181.466585][ T7935] team_slave_1: entered allmulticast mode [ 181.471306][ T7935] bridge0: port 3(team0) entered blocking state [ 181.473656][ T7935] bridge0: port 3(team0) entered forwarding state [ 181.567868][ T7939] netlink: 4 bytes leftover after parsing attributes in process `syz.0.460'. [ 181.576371][ T7939] netlink: 277 bytes leftover after parsing attributes in process `syz.0.460'. [ 181.579465][ T7939] netlink: 277 bytes leftover after parsing attributes in process `syz.0.460'. [ 181.854869][ T7944] syzkaller0: entered promiscuous mode [ 181.856846][ T7944] syzkaller0: entered allmulticast mode [ 182.646588][ T7953] ubi: mtd0 is already attached to ubi31 [ 182.649375][ T7953] netlink: 24 bytes leftover after parsing attributes in process `syz.2.461'. [ 182.724006][ T7954] netlink: 277 bytes leftover after parsing attributes in process `syz.0.464'. [ 182.727384][ T7954] netlink: 277 bytes leftover after parsing attributes in process `syz.0.464'. [ 183.972762][ T7959] syz_tun: entered allmulticast mode [ 183.974724][ T7964] lo: entered allmulticast mode [ 183.979061][ T7955] syz_tun: left allmulticast mode [ 183.981039][ T7955] lo: left allmulticast mode [ 184.260128][ T1023] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 184.412248][ T1023] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 184.414991][ T1023] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 184.418149][ T1023] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 184.426635][ T1023] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 184.430491][ T1023] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 184.441004][ T1023] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 184.446378][ T1023] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 184.450882][ T1023] usb 7-1: Product: syz [ 184.454088][ T1023] usb 7-1: Manufacturer: syz [ 184.469179][ T1023] cdc_wdm 7-1:1.0: skipping garbage [ 184.472495][ T1023] cdc_wdm 7-1:1.0: skipping garbage [ 184.477005][ T1023] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 184.480492][ T1023] cdc_wdm 7-1:1.0: Unknown control protocol [ 184.504432][ T7987] ubi: mtd0 is already attached to ubi31 [ 184.508256][ T7987] __nla_validate_parse: 3 callbacks suppressed [ 184.508310][ T7987] netlink: 24 bytes leftover after parsing attributes in process `syz.3.471'. [ 184.837978][ T1023] usb 7-1: USB disconnect, device number 17 [ 186.454820][ T8007] netlink: 'syz.0.472': attribute type 10 has an invalid length. [ 186.480186][ T8007] bridge0: port 3(team0) entered disabled state [ 186.489130][ T8007] team0: left allmulticast mode [ 186.500282][ T8007] team_slave_0: left allmulticast mode [ 186.502349][ T8007] team_slave_1: left allmulticast mode [ 186.507567][ T8007] team0: left promiscuous mode [ 186.509113][ T8007] team_slave_0: left promiscuous mode [ 186.511487][ T8007] team_slave_1: left promiscuous mode [ 186.514022][ T8009] netlink: 'syz.0.472': attribute type 10 has an invalid length. [ 186.516517][ T8009] netlink: 2 bytes leftover after parsing attributes in process `syz.0.472'. [ 186.519983][ T8007] bridge0: port 3(team0) entered disabled state [ 186.532245][ T8007] batman_adv: batadv0: Adding interface: team0 [ 186.534383][ T8007] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 186.542659][ T8007] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 186.547449][ T8009] team0: entered promiscuous mode [ 186.549229][ T8009] team_slave_0: entered promiscuous mode [ 186.552646][ T8009] team_slave_1: entered promiscuous mode [ 186.558681][ T8009] 8021q: adding VLAN 0 to HW filter on device team0 [ 186.561845][ T8009] batman_adv: batadv0: Interface activated: team0 [ 186.564027][ T8009] batman_adv: batadv0: Interface deactivated: team0 [ 186.566108][ T8009] batman_adv: batadv0: Removing interface: team0 [ 186.568778][ T8009] bridge0: port 3(team0) entered blocking state [ 186.572262][ T8009] bridge0: port 3(team0) entered disabled state [ 186.574453][ T8009] team0: entered allmulticast mode [ 186.576085][ T8009] team_slave_0: entered allmulticast mode [ 186.577920][ T8009] team_slave_1: entered allmulticast mode [ 186.587066][ T8009] bridge0: port 3(team0) entered blocking state [ 186.589089][ T8009] bridge0: port 3(team0) entered forwarding state [ 186.919644][ T8019] netlink: zone id is out of range [ 186.921647][ T8019] netlink: get zone limit has 8 unknown bytes [ 187.198932][ T8031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.480'. [ 187.203811][ T8031] netlink: 173 bytes leftover after parsing attributes in process `syz.0.480'. [ 187.261138][ T8038] FAULT_INJECTION: forcing a failure. [ 187.261138][ T8038] name failslab, interval 1, probability 0, space 0, times 0 [ 187.265118][ T8038] CPU: 2 UID: 0 PID: 8038 Comm: syz.1.486 Not tainted syzkaller #0 PREEMPT(full) [ 187.265133][ T8038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 187.265139][ T8038] Call Trace: [ 187.265143][ T8038] [ 187.265148][ T8038] dump_stack_lvl+0x16c/0x1f0 [ 187.265164][ T8038] should_fail_ex+0x512/0x640 [ 187.265181][ T8038] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 187.265201][ T8038] should_failslab+0xc2/0x120 [ 187.265217][ T8038] kmem_cache_alloc_noprof+0x75/0x6e0 [ 187.265229][ T8038] ? skb_clone+0x190/0x3f0 [ 187.265242][ T8038] ? skb_clone+0x190/0x3f0 [ 187.265251][ T8038] skb_clone+0x190/0x3f0 [ 187.265261][ T8038] netlink_deliver_tap+0xabd/0xd30 [ 187.265283][ T8038] netlink_unicast+0x64c/0x870 [ 187.265296][ T8038] ? __pfx_netlink_unicast+0x10/0x10 [ 187.265311][ T8038] netlink_sendmsg+0x8c8/0xdd0 [ 187.265325][ T8038] ? __pfx_netlink_sendmsg+0x10/0x10 [ 187.265337][ T8038] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 187.265356][ T8038] ____sys_sendmsg+0xa98/0xc70 [ 187.265370][ T8038] ? __pfx_____sys_sendmsg+0x10/0x10 [ 187.265383][ T8038] ? get_compat_msghdr+0x11a/0x170 [ 187.265407][ T8038] ___sys_sendmsg+0x134/0x1d0 [ 187.265418][ T8038] ? __pfx____sys_sendmsg+0x10/0x10 [ 187.265446][ T8038] ? find_held_lock+0x2b/0x80 [ 187.265467][ T8038] __sys_sendmsg+0x16d/0x220 [ 187.265477][ T8038] ? __pfx___sys_sendmsg+0x10/0x10 [ 187.265493][ T8038] ? rcu_is_watching+0x12/0xc0 [ 187.265524][ T8038] __do_fast_syscall_32+0x7c/0x300 [ 187.265540][ T8038] do_fast_syscall_32+0x32/0x80 [ 187.265553][ T8038] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 187.265567][ T8038] RIP: 0023:0xf7fe7579 [ 187.265575][ T8038] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 187.265586][ T8038] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 187.265597][ T8038] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080007580 [ 187.265603][ T8038] RDX: 0000000000048040 RSI: 0000000000000000 RDI: 0000000000000000 [ 187.265609][ T8038] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 187.265615][ T8038] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 187.265622][ T8038] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 187.265635][ T8038] [ 187.267133][ T8039] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 1, id = 0 [ 188.006809][ T8056] pim6reg: entered allmulticast mode [ 188.473278][ T8063] ubi: mtd0 is already attached to ubi31 [ 188.476034][ T8063] netlink: 24 bytes leftover after parsing attributes in process `syz.2.491'. [ 189.228459][ T8067] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 189.242138][ T8065] FAULT_INJECTION: forcing a failure. [ 189.242138][ T8065] name failslab, interval 1, probability 0, space 0, times 0 [ 189.247422][ T8065] CPU: 0 UID: 0 PID: 8065 Comm: syz.1.493 Not tainted syzkaller #0 PREEMPT(full) [ 189.247444][ T8065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 189.247454][ T8065] Call Trace: [ 189.247460][ T8065] [ 189.247467][ T8065] dump_stack_lvl+0x16c/0x1f0 [ 189.247492][ T8065] should_fail_ex+0x512/0x640 [ 189.247520][ T8065] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 189.247539][ T8065] should_failslab+0xc2/0x120 [ 189.247561][ T8065] kmem_cache_alloc_noprof+0x75/0x6e0 [ 189.247576][ T8065] ? __kvm_mmu_topup_memory_cache+0x455/0x600 [ 189.247597][ T8065] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 189.247624][ T8065] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 189.247649][ T8065] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 189.247682][ T8065] mmu_topup_memory_caches+0x25/0x170 [ 189.247709][ T8065] kvm_mmu_load+0xd6/0x23c0 [ 189.247737][ T8065] ? kvm_apic_has_interrupt+0x106/0x1f0 [ 189.247757][ T8065] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 189.247779][ T8065] ? __pfx_kvm_mmu_load+0x10/0x10 [ 189.247807][ T8065] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 189.247833][ T8065] ? kvm_check_and_inject_events+0x71c/0x1310 [ 189.247863][ T8065] vcpu_run+0x3779/0x54d0 [ 189.247877][ T8065] ? kvm_mmu_post_init_vm+0x280/0x380 [ 189.247895][ T8065] ? __lock_acquire+0xb8a/0x1c90 [ 189.247922][ T8065] ? __pfx_vcpu_run+0x10/0x10 [ 189.247944][ T8065] ? fpu_swap_kvm_fpstate+0x1be/0x410 [ 189.247965][ T8065] ? __local_bh_enable_ip+0xa4/0x120 [ 189.247991][ T8065] ? kvm_arch_vcpu_ioctl_run+0x1023/0x1970 [ 189.248006][ T8065] kvm_arch_vcpu_ioctl_run+0x1023/0x1970 [ 189.248030][ T8065] kvm_vcpu_ioctl+0x5eb/0x1690 [ 189.248054][ T8065] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 189.248075][ T8065] ? tomoyo_path_number_perm+0x18d/0x580 [ 189.248105][ T8065] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 189.248142][ T8065] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 189.248169][ T8065] ? do_vfs_ioctl+0x128/0x14f0 [ 189.248192][ T8065] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 189.248226][ T8065] kvm_vcpu_compat_ioctl+0x20f/0x3d0 [ 189.248250][ T8065] ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10 [ 189.248277][ T8065] ? __fget_files+0x20e/0x3c0 [ 189.248298][ T8065] ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10 [ 189.248320][ T8065] __ia32_compat_sys_ioctl+0x242/0x370 [ 189.248346][ T8065] __do_fast_syscall_32+0x7c/0x300 [ 189.248367][ T8065] do_fast_syscall_32+0x32/0x80 [ 189.248385][ T8065] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 189.248406][ T8065] RIP: 0023:0xf7fe7579 [ 189.248422][ T8065] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 189.248439][ T8065] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 189.248454][ T8065] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80 [ 189.248464][ T8065] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 189.248473][ T8065] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 189.248482][ T8065] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 189.248492][ T8065] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 189.248515][ T8065] [ 189.660134][ T34] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 189.831454][ T34] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 189.834378][ T34] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 189.837630][ T34] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 189.840768][ T34] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 189.844240][ T34] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 189.849502][ T34] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 189.852736][ T34] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 189.855259][ T34] usb 6-1: Product: syz [ 189.856578][ T34] usb 6-1: Manufacturer: syz [ 189.861824][ T34] cdc_wdm 6-1:1.0: skipping garbage [ 189.864331][ T34] cdc_wdm 6-1:1.0: skipping garbage [ 189.867611][ T34] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 189.869559][ T34] cdc_wdm 6-1:1.0: Unknown control protocol [ 190.000102][ T54] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 190.129067][ C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 190.129641][ T842] usb 6-1: USB disconnect, device number 18 [ 190.131228][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 190.131238][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 190.150174][ T54] usb 7-1: Using ep0 maxpacket: 16 [ 190.152907][ T54] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 190.157164][ T54] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 190.161206][ T54] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 190.166218][ T54] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 190.169715][ T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.174959][ T54] usb 7-1: config 0 descriptor?? [ 190.624852][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.627647][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.629906][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.632104][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.634375][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.635164][ T8082] random: crng reseeded on system resumption [ 190.636479][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.636522][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.636531][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.636566][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.646766][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.648970][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.651377][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.653411][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.655557][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.657708][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.659750][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.662263][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.664318][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.666450][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.668519][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.670766][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.672870][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.675024][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.677117][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.679292][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.681503][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.683554][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.686173][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.688803][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.691480][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.694229][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.697050][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.699911][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.702817][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.705633][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.708401][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.711397][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.714217][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.716358][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.718501][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.720779][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.723163][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.725591][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.727732][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.729941][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.732695][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.735184][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.737278][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.739416][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.741644][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.743761][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.745853][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.747959][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.750150][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.752332][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.754458][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.756663][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.758799][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.761215][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.764003][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.766217][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.768341][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.770610][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.772648][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.774802][ T5947] Bluetooth: hci0: unexpected cc 0x2002 length: 1 < 4 [ 190.777019][ T5947] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 190.891681][ T8093] overlayfs: missing 'lowerdir' [ 191.250790][ T54] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 191.253016][ T54] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 191.255155][ T54] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 191.257248][ T54] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 191.259309][ T54] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 191.264893][ T54] input: HID 0955:7214 Haptics as /devices/virtual/input/input19 [ 191.301139][ T54] shield 0003:0955:7214.0002: Registered Thunderstrike controller [ 191.304019][ T54] shield 0003:0955:7214.0002: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0 [ 191.448186][ T8104] syz.2.504 uses obsolete (PF_INET,SOCK_PACKET) [ 191.914061][ T40] audit: type=1326 audit(1761228978.536:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.1.506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 191.933094][ T40] audit: type=1326 audit(1761228978.546:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.1.506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 191.943858][ T8115] netlink: 4 bytes leftover after parsing attributes in process `syz.1.506'. [ 191.948028][ T40] audit: type=1326 audit(1761228978.566:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.1.506" exe="/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 191.955043][ T40] audit: type=1326 audit(1761228978.566:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.1.506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 191.961679][ T40] audit: type=1326 audit(1761228978.566:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.1.506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 191.968123][ T40] audit: type=1326 audit(1761228978.566:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.1.506" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 191.974666][ T40] audit: type=1326 audit(1761228978.566:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.1.506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 191.981536][ T40] audit: type=1326 audit(1761228978.566:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.1.506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 191.988849][ T40] audit: type=1326 audit(1761228978.566:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.1.506" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 191.995663][ T40] audit: type=1326 audit(1761228978.566:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.1.506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 192.006252][ T8111] ubi: mtd0 is already attached to ubi31 [ 192.009104][ T8111] netlink: 24 bytes leftover after parsing attributes in process `syz.2.505'. [ 192.107253][ T8119] tipc: Enabled bearer , priority 0 [ 192.110352][ T8119] syzkaller0: entered promiscuous mode [ 192.112493][ T8119] syzkaller0: entered allmulticast mode [ 192.117887][ T8119] ubi: mtd0 is already attached to ubi31 [ 192.122597][ T8119] tipc: Resetting bearer [ 192.138356][ T8119] tipc: Disabling bearer [ 192.402194][ T24] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ESHUTDOWN [ 192.406414][ T24] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENOENT [ 192.412826][ T24] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 192.416958][ T24] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 192.540548][ T6027] usb 7-1: reset high-speed USB device number 18 using dummy_hcd [ 192.670133][ T6027] usb 7-1: device descriptor read/64, error -32 [ 192.709527][ T8130] tipc: Enabled bearer , priority 0 [ 192.720354][ T8130] syzkaller0: entered promiscuous mode [ 192.722691][ T8130] syzkaller0: entered allmulticast mode [ 192.732626][ T8130] ubi: mtd0 is already attached to ubi31 [ 192.745888][ T8130] tipc: Resetting bearer [ 192.772101][ T8130] tipc: Disabling bearer [ 192.920372][ T6027] usb 7-1: reset high-speed USB device number 18 using dummy_hcd [ 193.070115][ T6027] usb 7-1: device descriptor read/64, error -32 [ 193.219951][ T8150] netlink: 4 bytes leftover after parsing attributes in process `syz.2.508'. [ 193.225384][ T8150] netlink: 173 bytes leftover after parsing attributes in process `syz.2.508'. [ 193.350071][ T6027] usb 7-1: reset high-speed USB device number 18 using dummy_hcd [ 193.380340][ T6027] usb 7-1: device descriptor read/8, error -32 [ 193.593546][ T8156] ubi: mtd0 is already attached to ubi31 [ 193.598262][ T8156] netlink: 24 bytes leftover after parsing attributes in process `syz.1.515'. [ 193.602879][ T8166] netlink: 'syz.3.518': attribute type 30 has an invalid length. [ 193.620501][ T6027] usb 7-1: reset high-speed USB device number 18 using dummy_hcd [ 193.640433][ T6027] usb 7-1: device descriptor read/8, error -32 [ 193.750304][ T6027] raw-gadget.2 gadget.2: failed to queue suspend event [ 193.761186][ T24] usb 7-1: USB disconnect, device number 18 [ 193.809918][ T24] raw-gadget.2 gadget.2: failed to queue reset event [ 193.880391][ T24] raw-gadget.2 gadget.2: failed to queue resume event [ 193.940249][ T24] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 193.942904][ C2] raw-gadget.2 gadget.2: ignoring, device is not running [ 193.945194][ T24] raw-gadget.2 gadget.2: failed to queue reset event [ 194.010163][ T24] raw-gadget.2 gadget.2: failed to queue resume event [ 194.080226][ T24] usb 7-1: device descriptor read/64, error -32 [ 194.145909][ T8178] netlink: 4 bytes leftover after parsing attributes in process `syz.1.520'. [ 194.152625][ T8178] netlink: 277 bytes leftover after parsing attributes in process `syz.1.520'. [ 194.155496][ T8178] netlink: 277 bytes leftover after parsing attributes in process `syz.1.520'. [ 194.200241][ T24] raw-gadget.2 gadget.2: failed to queue suspend event [ 194.202947][ T24] raw-gadget.2 gadget.2: failed to queue reset event [ 194.254796][ T8176] netlink: 'syz.3.519': attribute type 10 has an invalid length. [ 194.273491][ T24] raw-gadget.2 gadget.2: failed to queue resume event [ 194.286537][ T8176] team0: left allmulticast mode [ 194.288632][ T8176] team_slave_0: left allmulticast mode [ 194.291279][ T8176] team_slave_1: left allmulticast mode [ 194.293685][ T8176] team0: left promiscuous mode [ 194.295343][ T8176] team_slave_0: left promiscuous mode [ 194.297589][ T8176] team_slave_1: left promiscuous mode [ 194.303771][ T8176] bridge0: port 3(team0) entered disabled state [ 194.335314][ T8187] netlink: 'syz.3.519': attribute type 10 has an invalid length. [ 194.338188][ T8187] netlink: 2 bytes leftover after parsing attributes in process `syz.3.519'. [ 194.343444][ T24] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 194.346236][ C2] raw-gadget.2 gadget.2: ignoring, device is not running [ 194.348594][ T24] raw-gadget.2 gadget.2: failed to queue reset event [ 194.355910][ T8176] batman_adv: batadv0: Adding interface: team0 [ 194.425004][ T24] raw-gadget.2 gadget.2: failed to queue resume event [ 194.475956][ T8176] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 194.493658][ T24] usb 7-1: device descriptor read/64, error -32 [ 194.498478][ T8176] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 194.506622][ T8187] team0: entered promiscuous mode [ 194.508891][ T8187] team_slave_0: entered promiscuous mode [ 194.512893][ T8187] team_slave_1: entered promiscuous mode [ 194.522932][ T8187] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.526289][ T8187] batman_adv: batadv0: Interface activated: team0 [ 194.529138][ T8187] batman_adv: batadv0: Interface deactivated: team0 [ 194.537343][ T8187] batman_adv: batadv0: Removing interface: team0 [ 194.555641][ T8187] bridge0: port 3(team0) entered blocking state [ 194.558047][ T8187] bridge0: port 3(team0) entered disabled state [ 194.560324][ T8187] team0: entered allmulticast mode [ 194.562180][ T8187] team_slave_0: entered allmulticast mode [ 194.564095][ T8187] team_slave_1: entered allmulticast mode [ 194.600217][ T24] raw-gadget.2 gadget.2: failed to queue suspend event [ 194.603069][ T24] usb usb7-port1: attempt power cycle [ 194.605287][ T24] raw-gadget.2 gadget.2: failed to queue disconnect event [ 194.611273][ T24] raw-gadget.2 gadget.2: failed to queue reset event [ 194.661300][ T5947] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 194.665969][ T5947] Bluetooth: hci0: Injecting HCI hardware error event [ 194.669859][ T5947] Bluetooth: hci0: hardware error 0x00 [ 194.690130][ T24] raw-gadget.2 gadget.2: failed to queue resume event [ 194.696434][ T24] raw-gadget.2 gadget.2: failed to queue reset event [ 194.786605][ T8196] netlink: 4 bytes leftover after parsing attributes in process `syz.0.523'. [ 194.910127][ T24] raw-gadget.2 gadget.2: failed to queue resume event [ 194.980316][ T24] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 195.010451][ C2] raw-gadget.2 gadget.2: ignoring, device is not running [ 195.012889][ T24] usb 7-1: device descriptor read/8, error -32 [ 195.120203][ T24] raw-gadget.2 gadget.2: failed to queue suspend event [ 195.123702][ T24] raw-gadget.2 gadget.2: failed to queue reset event [ 195.190745][ T24] raw-gadget.2 gadget.2: failed to queue resume event [ 195.260132][ T24] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 195.280520][ C2] raw-gadget.2 gadget.2: ignoring, device is not running [ 195.283610][ T24] usb 7-1: device descriptor read/8, error -32 [ 195.400254][ T24] raw-gadget.2 gadget.2: failed to queue suspend event [ 195.404784][ T24] usb usb7-port1: unable to enumerate USB device [ 196.730247][ T5947] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 196.962234][ T8225] __nla_validate_parse: 4 callbacks suppressed [ 196.962245][ T8225] netlink: 4 bytes leftover after parsing attributes in process `syz.0.529'. [ 196.968850][ T8225] netlink: 277 bytes leftover after parsing attributes in process `syz.0.529'. [ 196.969928][ T8224] sp0: Synchronizing with TNC [ 196.971727][ T8225] netlink: 277 bytes leftover after parsing attributes in process `syz.0.529'. [ 196.989055][ T40] kauditd_printk_skb: 43 callbacks suppressed [ 196.989071][ T40] audit: type=1326 audit(1761228983.606:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.1.532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 197.002337][ T40] audit: type=1326 audit(1761228983.606:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.1.532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 197.016938][ T40] audit: type=1326 audit(1761228983.606:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.1.532" exe="/syz-executor" sig=0 arch=40000003 syscall=338 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 197.027510][ T40] audit: type=1326 audit(1761228983.606:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.1.532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 197.036659][ T40] audit: type=1326 audit(1761228983.606:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.1.532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 197.076339][ T40] audit: type=1326 audit(1761228983.606:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.1.532" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 197.086086][ T40] audit: type=1326 audit(1761228983.636:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.1.532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 197.095059][ T40] audit: type=1326 audit(1761228983.636:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.1.532" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 197.105158][ T40] audit: type=1326 audit(1761228983.636:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.1.532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 197.114444][ T40] audit: type=1326 audit(1761228983.636:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.1.532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 197.378684][ T8229] ubi: mtd0 is already attached to ubi31 [ 197.381017][ T8229] netlink: 24 bytes leftover after parsing attributes in process `syz.2.534'. [ 197.594353][ T8238] netlink: 48 bytes leftover after parsing attributes in process `syz.1.536'. [ 197.660734][ T8241] netlink: 'syz.3.533': attribute type 10 has an invalid length. [ 197.674219][ T8241] team0: left allmulticast mode [ 197.675884][ T8241] team_slave_0: left allmulticast mode [ 197.677768][ T8241] team_slave_1: left allmulticast mode [ 197.679570][ T8241] team0: left promiscuous mode [ 197.681250][ T8241] team_slave_0: left promiscuous mode [ 197.683450][ T8241] team_slave_1: left promiscuous mode [ 197.686953][ T8241] bridge0: port 3(team0) entered disabled state [ 197.699168][ T8241] batman_adv: batadv0: Adding interface: team0 [ 197.701785][ T8241] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 197.709849][ T8241] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 197.714903][ T8244] netlink: 'syz.3.533': attribute type 10 has an invalid length. [ 197.717433][ T8244] netlink: 2 bytes leftover after parsing attributes in process `syz.3.533'. [ 197.719300][ T8238] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.726037][ T8238] bond0: (slave rose0): Enslaving as an active interface with an up link [ 197.729845][ T8244] team0: entered promiscuous mode [ 197.731570][ T8244] team_slave_0: entered promiscuous mode [ 197.733896][ T8244] team_slave_1: entered promiscuous mode [ 197.737794][ T8244] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.741808][ T8244] batman_adv: batadv0: Interface activated: team0 [ 197.743958][ T8244] batman_adv: batadv0: Interface deactivated: team0 [ 197.746056][ T8244] batman_adv: batadv0: Removing interface: team0 [ 197.749965][ T8244] bridge0: port 3(team0) entered blocking state [ 197.753011][ T8244] bridge0: port 3(team0) entered disabled state [ 197.755198][ T8244] team0: entered allmulticast mode [ 197.756867][ T8244] team_slave_0: entered allmulticast mode [ 197.758702][ T8244] team_slave_1: entered allmulticast mode [ 197.780231][ T8250] netlink: 4 bytes leftover after parsing attributes in process `syz.2.537'. [ 198.665240][ T8287] netlink: 4 bytes leftover after parsing attributes in process `syz.3.541'. [ 198.681540][ T8291] tipc: Enabled bearer , priority 0 [ 198.683889][ T8291] syzkaller0: entered promiscuous mode [ 198.685675][ T8291] syzkaller0: entered allmulticast mode [ 198.689164][ T8291] ubi: mtd0 is already attached to ubi31 [ 198.693801][ T8291] tipc: Resetting bearer [ 198.702840][ T8291] tipc: Disabling bearer [ 198.815682][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 198.817809][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 198.921447][ T8289] ubi: mtd0 is already attached to ubi31 [ 198.924292][ T8289] netlink: 24 bytes leftover after parsing attributes in process `syz.2.546'. [ 198.937736][ T8297] netlink: 173 bytes leftover after parsing attributes in process `syz.3.541'. [ 199.020202][ T24] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 199.172600][ T24] usb 6-1: Using ep0 maxpacket: 8 [ 199.175885][ T24] usb 6-1: config 0 has an invalid descriptor of length 62, skipping remainder of the config [ 199.181945][ T24] usb 6-1: config 0 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 199.186675][ T24] usb 6-1: config 0 interface 0 has no altsetting 0 [ 199.189319][ T24] usb 6-1: New USB device found, idVendor=000c, idProduct=0000, bcdDevice= 0.00 [ 199.195334][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.200942][ T24] usb 6-1: config 0 descriptor?? [ 199.350258][ T1172] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 199.353607][ T93] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 199.356850][ T93] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 199.367127][ T93] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 199.618004][ T24] usb 6-1: string descriptor 0 read error: -71 [ 199.622104][ T24] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 199.626109][ T24] usb 6-1: USB disconnect, device number 19 [ 200.523220][ T8336] netlink: 'syz.1.558': attribute type 1 has an invalid length. [ 201.296970][ T8352] netlink: 'syz.0.560': attribute type 10 has an invalid length. [ 201.303917][ T8352] bridge0: port 3(team0) entered disabled state [ 201.306388][ T8352] team0: left allmulticast mode [ 201.308104][ T8352] team_slave_0: left allmulticast mode [ 201.317043][ T8352] team_slave_1: left allmulticast mode [ 201.318947][ T8352] team0: left promiscuous mode [ 201.320799][ T8352] team_slave_0: left promiscuous mode [ 201.322832][ T8352] team_slave_1: left promiscuous mode [ 201.324912][ T8352] bridge0: port 3(team0) entered disabled state [ 201.339570][ T8352] batman_adv: batadv0: Adding interface: team0 [ 201.341899][ T8352] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.354010][ T8354] netlink: 'syz.0.560': attribute type 10 has an invalid length. [ 201.356682][ T8352] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 201.360697][ T8354] team0: entered promiscuous mode [ 201.362536][ T8354] team_slave_0: entered promiscuous mode [ 201.362710][ T8354] team_slave_1: entered promiscuous mode [ 201.365551][ T8354] 8021q: adding VLAN 0 to HW filter on device team0 [ 201.375136][ T8354] batman_adv: batadv0: Interface activated: team0 [ 201.377323][ T8354] batman_adv: batadv0: Interface deactivated: team0 [ 201.379493][ T8354] batman_adv: batadv0: Removing interface: team0 [ 201.390702][ T8354] bridge0: port 3(team0) entered blocking state [ 201.392991][ T8354] bridge0: port 3(team0) entered disabled state [ 201.395203][ T8354] team0: entered allmulticast mode [ 201.396979][ T8354] team_slave_0: entered allmulticast mode [ 201.399067][ T8354] team_slave_1: entered allmulticast mode [ 201.427736][ T8354] bridge0: port 3(team0) entered blocking state [ 201.429956][ T8354] bridge0: port 3(team0) entered forwarding state [ 201.748299][ T8360] FAULT_INJECTION: forcing a failure. [ 201.748299][ T8360] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 201.762707][ T8360] CPU: 2 UID: 0 PID: 8360 Comm: syz.1.564 Not tainted syzkaller #0 PREEMPT(full) [ 201.762729][ T8360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 201.762740][ T8360] Call Trace: [ 201.762746][ T8360] [ 201.762753][ T8360] dump_stack_lvl+0x16c/0x1f0 [ 201.762778][ T8360] should_fail_ex+0x512/0x640 [ 201.762807][ T8360] _copy_from_iter+0x29f/0x1720 [ 201.762837][ T8360] ? __alloc_skb+0x200/0x380 [ 201.762863][ T8360] ? __pfx__copy_from_iter+0x10/0x10 [ 201.762889][ T8360] ? netlink_autobind.isra.0+0x158/0x370 [ 201.762917][ T8360] netlink_sendmsg+0x820/0xdd0 [ 201.762940][ T8360] ? __pfx_netlink_sendmsg+0x10/0x10 [ 201.762973][ T8360] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 201.763003][ T8360] ____sys_sendmsg+0xa98/0xc70 [ 201.763023][ T8360] ? __pfx_____sys_sendmsg+0x10/0x10 [ 201.763047][ T8360] ? get_compat_msghdr+0x11a/0x170 [ 201.763086][ T8360] ___sys_sendmsg+0x134/0x1d0 [ 201.763104][ T8360] ? __pfx____sys_sendmsg+0x10/0x10 [ 201.763143][ T8360] ? find_held_lock+0x2b/0x80 [ 201.763176][ T8360] __sys_sendmsg+0x16d/0x220 [ 201.763194][ T8360] ? __pfx___sys_sendmsg+0x10/0x10 [ 201.763222][ T8360] ? rcu_is_watching+0x12/0xc0 [ 201.763244][ T8360] __do_fast_syscall_32+0x7c/0x300 [ 201.763268][ T8360] do_fast_syscall_32+0x32/0x80 [ 201.763287][ T8360] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 201.763307][ T8360] RIP: 0023:0xf7fe7579 [ 201.763320][ T8360] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 201.763336][ T8360] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 201.763354][ T8360] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 201.763366][ T8360] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000 [ 201.763376][ T8360] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 201.763387][ T8360] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 201.763396][ T8360] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 201.763419][ T8360] [ 202.391283][ T8371] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 203.928516][ T8389] __nla_validate_parse: 6 callbacks suppressed [ 203.928570][ T8389] netlink: 4 bytes leftover after parsing attributes in process `syz.0.571'. [ 203.953173][ T8389] netlink: 173 bytes leftover after parsing attributes in process `syz.0.571'. [ 204.735253][ T8396] netlink: 'syz.3.572': attribute type 10 has an invalid length. [ 204.781362][ T8396] team0: left allmulticast mode [ 204.783454][ T8396] team_slave_0: left allmulticast mode [ 204.785389][ T8396] team_slave_1: left allmulticast mode [ 204.787276][ T8396] team0: left promiscuous mode [ 204.788844][ T8396] team_slave_0: left promiscuous mode [ 204.789865][ T8397] netlink: 'syz.3.572': attribute type 10 has an invalid length. [ 204.790703][ T8396] team_slave_1: left promiscuous mode [ 204.793038][ T8397] netlink: 2 bytes leftover after parsing attributes in process `syz.3.572'. [ 204.799112][ T8396] bridge0: port 3(team0) entered disabled state [ 204.808456][ T8396] batman_adv: batadv0: Adding interface: team0 [ 204.820169][ T8396] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 204.839945][ T8396] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 204.870249][ T8397] team0: entered promiscuous mode [ 204.880582][ T8397] team_slave_0: entered promiscuous mode [ 204.883030][ T8397] team_slave_1: entered promiscuous mode [ 204.906044][ T8397] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.909147][ T8397] batman_adv: batadv0: Interface activated: team0 [ 204.918012][ T8397] batman_adv: batadv0: Interface deactivated: team0 [ 204.942570][ T8397] batman_adv: batadv0: Removing interface: team0 [ 204.952047][ T8397] bridge0: port 3(team0) entered blocking state [ 204.954740][ T8397] bridge0: port 3(team0) entered disabled state [ 204.957464][ T8397] team0: entered allmulticast mode [ 204.959694][ T8397] team_slave_0: entered allmulticast mode [ 204.962211][ T8397] team_slave_1: entered allmulticast mode [ 205.408643][ T8407] FAULT_INJECTION: forcing a failure. [ 205.408643][ T8407] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 205.413502][ T8407] CPU: 3 UID: 0 PID: 8407 Comm: syz.1.575 Not tainted syzkaller #0 PREEMPT(full) [ 205.413517][ T8407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 205.413524][ T8407] Call Trace: [ 205.413528][ T8407] [ 205.413532][ T8407] dump_stack_lvl+0x16c/0x1f0 [ 205.413548][ T8407] should_fail_ex+0x512/0x640 [ 205.413567][ T8407] _copy_from_user+0x2e/0xd0 [ 205.413585][ T8407] __sys_bpf+0x248/0x4980 [ 205.413598][ T8407] ? __pfx___sys_bpf+0x10/0x10 [ 205.413609][ T8407] ? find_held_lock+0x2b/0x80 [ 205.413623][ T8407] ? find_held_lock+0x2b/0x80 [ 205.413637][ T8407] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 205.413658][ T8407] ? fput+0x9b/0xd0 [ 205.413673][ T8407] ? ksys_write+0x1ac/0x250 [ 205.413684][ T8407] ? __pfx_ksys_write+0x10/0x10 [ 205.413698][ T8407] __ia32_sys_bpf+0x76/0xe0 [ 205.413710][ T8407] __do_fast_syscall_32+0x7c/0x300 [ 205.413725][ T8407] do_fast_syscall_32+0x32/0x80 [ 205.413737][ T8407] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 205.413751][ T8407] RIP: 0023:0xf7fe7579 [ 205.413760][ T8407] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 205.413770][ T8407] RSP: 002b:00000000f54b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 205.413781][ T8407] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000180 [ 205.413788][ T8407] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 205.413794][ T8407] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 205.413800][ T8407] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 205.413806][ T8407] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 205.413819][ T8407] [ 205.455303][ T8410] netlink: 'syz.0.573': attribute type 10 has an invalid length. [ 205.537411][ T8411] netlink: 'syz.0.573': attribute type 10 has an invalid length. [ 205.539371][ T8410] bridge0: port 3(team0) entered disabled state [ 205.539875][ T8411] netlink: 2 bytes leftover after parsing attributes in process `syz.0.573'. [ 205.543148][ T8410] team0: left allmulticast mode [ 205.546989][ T8410] team_slave_0: left allmulticast mode [ 205.549323][ T8410] team_slave_1: left allmulticast mode [ 205.551856][ T8410] team0: left promiscuous mode [ 205.554000][ T8410] team_slave_0: left promiscuous mode [ 205.557248][ T8410] team_slave_1: left promiscuous mode [ 205.561187][ T8410] bridge0: port 3(team0) entered disabled state [ 205.599215][ T8410] batman_adv: batadv0: Adding interface: team0 [ 205.602154][ T8410] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 205.698104][ T8410] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 205.714317][ T8411] team0: entered promiscuous mode [ 205.717832][ T8411] team_slave_0: entered promiscuous mode [ 205.720571][ T8411] team_slave_1: entered promiscuous mode [ 205.724579][ T8411] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.727560][ T8411] batman_adv: batadv0: Interface activated: team0 [ 205.750502][ T8411] batman_adv: batadv0: Interface deactivated: team0 [ 205.753200][ T8411] batman_adv: batadv0: Removing interface: team0 [ 205.772274][ T8411] bridge0: port 3(team0) entered blocking state [ 205.780283][ T8411] bridge0: port 3(team0) entered disabled state [ 205.782368][ T8411] team0: entered allmulticast mode [ 205.783985][ T8411] team_slave_0: entered allmulticast mode [ 205.785785][ T8411] team_slave_1: entered allmulticast mode [ 205.788738][ T8411] bridge0: port 3(team0) entered blocking state [ 205.790878][ T8411] bridge0: port 3(team0) entered forwarding state [ 206.007621][ T8423] netlink: 28 bytes leftover after parsing attributes in process `syz.2.578'. [ 206.133251][ T8426] openvswitch: netlink: IP tunnel dst address not specified [ 206.189605][ T8430] input: syz0 as /devices/virtual/input/input21 [ 206.310983][ T8428] tipc: Enabled bearer , priority 0 [ 206.313848][ T8428] syzkaller0: entered promiscuous mode [ 206.315706][ T8428] syzkaller0: entered allmulticast mode [ 206.318936][ T8428] ubi: mtd0 is already attached to ubi31 [ 206.323971][ T8428] tipc: Resetting bearer [ 206.333626][ T8428] tipc: Disabling bearer [ 206.362314][ T8431] netlink: 'syz.3.577': attribute type 10 has an invalid length. [ 206.371182][ T8431] team0: left allmulticast mode [ 206.373267][ T8431] team_slave_0: left allmulticast mode [ 206.389089][ T8431] team_slave_1: left allmulticast mode [ 206.392479][ T8431] team0: left promiscuous mode [ 206.404818][ T8431] team_slave_0: left promiscuous mode [ 206.409243][ T8431] team_slave_1: left promiscuous mode [ 206.419140][ T8431] bridge0: port 3(team0) entered disabled state [ 206.437466][ T8435] netlink: 'syz.3.577': attribute type 10 has an invalid length. [ 206.440220][ T8435] netlink: 2 bytes leftover after parsing attributes in process `syz.3.577'. [ 206.448941][ T8431] batman_adv: batadv0: Adding interface: team0 [ 206.450706][ T1023] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 206.454581][ T8431] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 206.462624][ T8431] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 206.466966][ T8435] team0: entered promiscuous mode [ 206.468615][ T8435] team_slave_0: entered promiscuous mode [ 206.470658][ T8435] team_slave_1: entered promiscuous mode [ 206.474097][ T8435] 8021q: adding VLAN 0 to HW filter on device team0 [ 206.476860][ T8435] batman_adv: batadv0: Interface activated: team0 [ 206.479319][ T8435] batman_adv: batadv0: Interface deactivated: team0 [ 206.481645][ T8435] batman_adv: batadv0: Removing interface: team0 [ 206.485493][ T8435] bridge0: port 3(team0) entered blocking state [ 206.487663][ T8435] bridge0: port 3(team0) entered disabled state [ 206.489774][ T8435] team0: entered allmulticast mode [ 206.497348][ T8435] team_slave_0: entered allmulticast mode [ 206.499156][ T8435] team_slave_1: entered allmulticast mode [ 206.600088][ T1023] usb 6-1: Using ep0 maxpacket: 8 [ 206.603104][ T1023] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 206.605761][ T1023] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 206.608769][ T1023] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 206.611872][ T1023] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 206.614953][ T1023] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 206.619017][ T1023] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 206.621929][ T1023] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.941928][ T1023] usb 6-1: usb_control_msg returned -32 [ 206.944308][ T1023] usbtmc 6-1:16.0: can't read capabilities [ 207.691392][ T8452] syzkaller0: entered promiscuous mode [ 207.693432][ T8452] syzkaller0: entered allmulticast mode [ 208.433103][ T8457] netlink: 'syz.2.585': attribute type 10 has an invalid length. [ 208.441289][ T8457] bridge0: port 3(team0) entered disabled state [ 208.443520][ T8457] team0: left allmulticast mode [ 208.448903][ T8457] team_slave_0: left allmulticast mode [ 208.452590][ T8457] team_slave_1: left allmulticast mode [ 208.454287][ T8457] team0: left promiscuous mode [ 208.459028][ T8457] team_slave_0: left promiscuous mode [ 208.460995][ T8457] team_slave_1: left promiscuous mode [ 208.462811][ T8457] bridge0: port 3(team0) entered disabled state [ 208.467203][ T8457] batman_adv: batadv0: Adding interface: team0 [ 208.469146][ T8457] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 208.477815][ T8457] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 208.487784][ T8457] netlink: 'syz.2.585': attribute type 10 has an invalid length. [ 208.490350][ T8457] netlink: 2 bytes leftover after parsing attributes in process `syz.2.585'. [ 208.493086][ T8457] team0: entered promiscuous mode [ 208.494662][ T8457] team_slave_0: entered promiscuous mode [ 208.496563][ T8457] team_slave_1: entered promiscuous mode [ 208.499163][ T8457] 8021q: adding VLAN 0 to HW filter on device team0 [ 208.501852][ T8457] batman_adv: batadv0: Interface activated: team0 [ 208.503854][ T8457] batman_adv: batadv0: Interface deactivated: team0 [ 208.505870][ T8457] batman_adv: batadv0: Removing interface: team0 [ 208.509591][ T8457] bridge0: port 3(team0) entered blocking state [ 208.513872][ T8457] bridge0: port 3(team0) entered disabled state [ 208.517712][ T8457] team0: entered allmulticast mode [ 208.519320][ T8457] team_slave_0: entered allmulticast mode [ 208.521228][ T8457] team_slave_1: entered allmulticast mode [ 208.525013][ T8457] bridge0: port 3(team0) entered blocking state [ 208.527218][ T8457] bridge0: port 3(team0) entered forwarding state [ 208.840860][ T53] usb 6-1: USB disconnect, device number 20 [ 209.007126][ T8461] snd_dummy snd_dummy.0: control 1:1:3:syz1:9 is already present [ 209.438252][ T8474] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.590'. [ 209.444638][ T8474] openvswitch: netlink: Missing key (keys=40, expected=100) [ 209.687159][ T8477] netlink: 8 bytes leftover after parsing attributes in process `syz.2.592'. [ 211.036144][ T8497] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check. [ 211.480101][ T5994] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 211.561235][ T8508] netlink: 8 bytes leftover after parsing attributes in process `syz.1.599'. [ 211.651853][ T5994] usb 5-1: Using ep0 maxpacket: 8 [ 211.654999][ T5994] usb 5-1: config 0 interface 0 has no altsetting 0 [ 211.657109][ T5994] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 211.661577][ T5994] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.670453][ T5994] usb 5-1: config 0 descriptor?? [ 212.102413][ T5994] mcp2221 0003:04D8:00DD.0003: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 212.336318][ T8534] netlink: 'syz.2.602': attribute type 10 has an invalid length. [ 212.344102][ T8534] bridge0: port 3(team0) entered disabled state [ 212.349049][ T8534] team0: left allmulticast mode [ 212.352600][ T8534] team_slave_0: left allmulticast mode [ 212.354340][ T8534] team_slave_1: left allmulticast mode [ 212.356050][ T8534] team0: left promiscuous mode [ 212.362790][ T8534] team_slave_0: left promiscuous mode [ 212.365065][ T8534] team_slave_1: left promiscuous mode [ 212.371236][ T8534] bridge0: port 3(team0) entered disabled state [ 212.390577][ T8535] netlink: 'syz.2.602': attribute type 10 has an invalid length. [ 212.393340][ T8535] netlink: 2 bytes leftover after parsing attributes in process `syz.2.602'. [ 212.452896][ T8502] capability: warning: `syz.0.596' uses deprecated v2 capabilities in a way that may be insecure [ 212.455386][ T8534] batman_adv: batadv0: Adding interface: team0 [ 212.458390][ T8534] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 212.466328][ T8534] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 212.497039][ T8535] team0: entered promiscuous mode [ 212.498678][ T8535] team_slave_0: entered promiscuous mode [ 212.501591][ T8535] team_slave_1: entered promiscuous mode [ 212.510724][ T8535] 8021q: adding VLAN 0 to HW filter on device team0 [ 212.513088][ T8535] batman_adv: batadv0: Interface activated: team0 [ 212.515820][ T8535] batman_adv: batadv0: Interface deactivated: team0 [ 212.518346][ T8535] batman_adv: batadv0: Removing interface: team0 [ 212.527270][ T8535] bridge0: port 3(team0) entered blocking state [ 212.529387][ T8535] bridge0: port 3(team0) entered disabled state [ 212.531736][ T8535] team0: entered allmulticast mode [ 212.533820][ T8535] team_slave_0: entered allmulticast mode [ 212.535676][ T8535] team_slave_1: entered allmulticast mode [ 212.539286][ T8535] bridge0: port 3(team0) entered blocking state [ 212.541376][ T8535] bridge0: port 3(team0) entered forwarding state [ 213.094620][ T8556] netlink: 8 bytes leftover after parsing attributes in process `syz.3.613'. [ 213.153243][ T24] usb 5-1: USB disconnect, device number 17 [ 213.345769][ T8568] input: syz0 as /devices/virtual/input/input22 [ 213.610165][ T53] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 213.648461][ T8571] netlink: 'syz.1.617': attribute type 10 has an invalid length. [ 213.654426][ T8571] bridge0: port 3(team0) entered disabled state [ 213.657471][ T8571] team0: left allmulticast mode [ 213.659510][ T8571] team_slave_0: left allmulticast mode [ 213.661922][ T8571] team_slave_1: left allmulticast mode [ 213.664139][ T8571] team0: left promiscuous mode [ 213.666064][ T8571] team_slave_0: left promiscuous mode [ 213.668395][ T8571] team_slave_1: left promiscuous mode [ 213.671127][ T8571] bridge0: port 3(team0) entered disabled state [ 213.677630][ T8571] batman_adv: batadv0: Adding interface: team0 [ 213.680465][ T8571] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 213.688397][ T8571] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 213.702586][ T8571] netlink: 'syz.1.617': attribute type 10 has an invalid length. [ 213.705815][ T8571] netlink: 2 bytes leftover after parsing attributes in process `syz.1.617'. [ 213.779997][ T8571] team0: entered promiscuous mode [ 213.781975][ T8571] team_slave_0: entered promiscuous mode [ 213.783927][ T8571] team_slave_1: entered promiscuous mode [ 213.787730][ T8571] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.791108][ T8571] batman_adv: batadv0: Interface activated: team0 [ 213.793836][ T8571] batman_adv: batadv0: Interface deactivated: team0 [ 213.796201][ T8571] batman_adv: batadv0: Removing interface: team0 [ 213.799852][ T8571] bridge0: port 3(team0) entered blocking state [ 213.800334][ T53] usb 5-1: Using ep0 maxpacket: 8 [ 213.802475][ T8571] bridge0: port 3(team0) entered disabled state [ 213.805020][ T53] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 213.809514][ T53] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 213.809646][ T8571] team0: entered allmulticast mode [ 213.813803][ T8571] team_slave_0: entered allmulticast mode [ 213.815441][ T53] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 213.820139][ T8571] team_slave_1: entered allmulticast mode [ 213.821067][ T53] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 213.826966][ T53] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 213.828871][ T8571] bridge0: port 3(team0) entered blocking state [ 213.831341][ T53] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 213.834057][ T8571] bridge0: port 3(team0) entered forwarding state [ 213.837623][ T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.069506][ T53] usb 5-1: usb_control_msg returned -32 [ 214.072035][ T53] usbtmc 5-1:16.0: can't read capabilities [ 214.293139][ T8581] ubi: mtd0 is already attached to ubi31 [ 214.295579][ T8581] netlink: 24 bytes leftover after parsing attributes in process `syz.2.619'. [ 214.336251][ T8583] FAULT_INJECTION: forcing a failure. [ 214.336251][ T8583] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 214.340787][ T8583] CPU: 0 UID: 0 PID: 8583 Comm: syz.1.620 Not tainted syzkaller #0 PREEMPT(full) [ 214.340812][ T8583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 214.340819][ T8583] Call Trace: [ 214.340824][ T8583] [ 214.340828][ T8583] dump_stack_lvl+0x16c/0x1f0 [ 214.340844][ T8583] should_fail_ex+0x512/0x640 [ 214.340864][ T8583] _copy_from_iter+0x29f/0x1720 [ 214.340883][ T8583] ? __alloc_skb+0x200/0x380 [ 214.340901][ T8583] ? __pfx__copy_from_iter+0x10/0x10 [ 214.340918][ T8583] ? netlink_autobind.isra.0+0x158/0x370 [ 214.340934][ T8583] netlink_sendmsg+0x820/0xdd0 [ 214.340948][ T8583] ? __pfx_netlink_sendmsg+0x10/0x10 [ 214.340961][ T8583] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 214.340979][ T8583] ____sys_sendmsg+0xa98/0xc70 [ 214.340994][ T8583] ? __pfx_____sys_sendmsg+0x10/0x10 [ 214.341006][ T8583] ? get_compat_msghdr+0x11a/0x170 [ 214.341029][ T8583] ___sys_sendmsg+0x134/0x1d0 [ 214.341040][ T8583] ? __pfx____sys_sendmsg+0x10/0x10 [ 214.341064][ T8583] ? find_held_lock+0x2b/0x80 [ 214.341085][ T8583] __sys_sendmsg+0x16d/0x220 [ 214.341095][ T8583] ? __pfx___sys_sendmsg+0x10/0x10 [ 214.341110][ T8583] ? rcu_is_watching+0x12/0xc0 [ 214.341125][ T8583] __do_fast_syscall_32+0x7c/0x300 [ 214.341139][ T8583] do_fast_syscall_32+0x32/0x80 [ 214.341152][ T8583] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 214.341166][ T8583] RIP: 0023:0xf7fe7579 [ 214.341175][ T8583] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 214.341186][ T8583] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 214.341196][ T8583] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380 [ 214.341203][ T8583] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 214.341209][ T8583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 214.341215][ T8583] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 214.341226][ T8583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 214.341239][ T8583] [ 214.746563][ T8588] FAULT_INJECTION: forcing a failure. [ 214.746563][ T8588] name failslab, interval 1, probability 0, space 0, times 0 [ 214.750704][ T8588] CPU: 3 UID: 0 PID: 8588 Comm: syz.1.622 Not tainted syzkaller #0 PREEMPT(full) [ 214.750719][ T8588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 214.750726][ T8588] Call Trace: [ 214.750730][ T8588] [ 214.750735][ T8588] dump_stack_lvl+0x16c/0x1f0 [ 214.750751][ T8588] should_fail_ex+0x512/0x640 [ 214.750768][ T8588] ? __lock_acquire+0x622/0x1c90 [ 214.750785][ T8588] should_failslab+0xc2/0x120 [ 214.750801][ T8588] kmem_cache_alloc_noprof+0x75/0x6e0 [ 214.750813][ T8588] ? dst_alloc+0x99/0x1a0 [ 214.750831][ T8588] ? dst_alloc+0x99/0x1a0 [ 214.750845][ T8588] ? find_held_lock+0x2b/0x80 [ 214.750855][ T8588] dst_alloc+0x99/0x1a0 [ 214.750872][ T8588] rt_dst_alloc+0x35/0x3a0 [ 214.750886][ T8588] ip_route_input_slow+0x16cb/0x3fa0 [ 214.750905][ T8588] ? __pfx_ip_route_input_slow+0x10/0x10 [ 214.750926][ T8588] ? __pfx_ipt_do_table+0x10/0x10 [ 214.750946][ T8588] ? __pfx_iptable_mangle_hook+0x10/0x10 [ 214.750965][ T8588] ip_route_input_noref+0x120/0x2e0 [ 214.750982][ T8588] ? __pfx_ip_route_input_noref+0x10/0x10 [ 214.751001][ T8588] ? __pfx_nf_hook.constprop.0+0x10/0x10 [ 214.751020][ T8588] ip_rcv_finish_core+0x46f/0x2290 [ 214.751041][ T8588] ip_rcv+0x1c0/0x600 [ 214.751058][ T8588] ? __pfx_ip_rcv+0x10/0x10 [ 214.751074][ T8588] __netif_receive_skb_one_core+0x197/0x1e0 [ 214.751091][ T8588] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 214.751108][ T8588] ? lock_acquire+0x179/0x350 [ 214.751124][ T8588] ? __phys_addr+0xe8/0x180 [ 214.751140][ T8588] __netif_receive_skb+0x1d/0x160 [ 214.751156][ T8588] netif_receive_skb+0x137/0x7b0 [ 214.751176][ T8588] ? __pfx_netif_receive_skb+0x10/0x10 [ 214.751196][ T8588] tun_rx_batched.isra.0+0x3ee/0x740 [ 214.751216][ T8588] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 214.751237][ T8588] ? tun_get_user+0x1ded/0x3cc0 [ 214.751247][ T8588] ? rcu_is_watching+0x12/0xc0 [ 214.751261][ T8588] tun_get_user+0x28b2/0x3cc0 [ 214.751278][ T8588] ? __pfx_tun_get_user+0x10/0x10 [ 214.751289][ T8588] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 214.751311][ T8588] ? find_held_lock+0x2b/0x80 [ 214.751323][ T8588] ? tun_get+0x191/0x370 [ 214.751343][ T8588] tun_chr_write_iter+0xdc/0x210 [ 214.751355][ T8588] vfs_write+0x7d3/0x11d0 [ 214.751367][ T8588] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 214.751380][ T8588] ? __pfx_vfs_write+0x10/0x10 [ 214.751391][ T8588] ? find_held_lock+0x2b/0x80 [ 214.751410][ T8588] ksys_write+0x12a/0x250 [ 214.751421][ T8588] ? __pfx_ksys_write+0x10/0x10 [ 214.751434][ T8588] ? rcu_is_watching+0x12/0xc0 [ 214.751447][ T8588] __do_fast_syscall_32+0x7c/0x300 [ 214.751462][ T8588] do_fast_syscall_32+0x32/0x80 [ 214.751475][ T8588] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 214.751489][ T8588] RIP: 0023:0xf7fe7579 [ 214.751498][ T8588] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 214.751509][ T8588] RSP: 002b:00000000f54d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 214.751519][ T8588] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000300 [ 214.751526][ T8588] RDX: 000000000000006a RSI: 00000000f7475ff4 RDI: 0000000000000000 [ 214.751532][ T8588] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 214.751538][ T8588] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 214.751544][ T8588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 214.751558][ T8588] [ 214.785934][ T8590] FAULT_INJECTION: forcing a failure. [ 214.785934][ T8590] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 214.898168][ T8590] CPU: 2 UID: 0 PID: 8590 Comm: syz.1.623 Not tainted syzkaller #0 PREEMPT(full) [ 214.898184][ T8590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 214.898190][ T8590] Call Trace: [ 214.898217][ T8590] [ 214.898222][ T8590] dump_stack_lvl+0x16c/0x1f0 [ 214.898239][ T8590] should_fail_ex+0x512/0x640 [ 214.898258][ T8590] _copy_from_iter+0x29f/0x1720 [ 214.898277][ T8590] ? __alloc_skb+0x200/0x380 [ 214.898295][ T8590] ? __pfx__copy_from_iter+0x10/0x10 [ 214.898312][ T8590] ? netlink_autobind.isra.0+0x158/0x370 [ 214.898329][ T8590] netlink_sendmsg+0x820/0xdd0 [ 214.898342][ T8590] ? __pfx_netlink_sendmsg+0x10/0x10 [ 214.898355][ T8590] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 214.898373][ T8590] ____sys_sendmsg+0xa98/0xc70 [ 214.898388][ T8590] ? __pfx_____sys_sendmsg+0x10/0x10 [ 214.898401][ T8590] ? get_compat_msghdr+0x11a/0x170 [ 214.898423][ T8590] ___sys_sendmsg+0x134/0x1d0 [ 214.898438][ T8590] ? __pfx____sys_sendmsg+0x10/0x10 [ 214.898462][ T8590] ? find_held_lock+0x2b/0x80 [ 214.898482][ T8590] __sys_sendmsg+0x16d/0x220 [ 214.898492][ T8590] ? __pfx___sys_sendmsg+0x10/0x10 [ 214.898507][ T8590] ? rcu_is_watching+0x12/0xc0 [ 214.898521][ T8590] __do_fast_syscall_32+0x7c/0x300 [ 214.898536][ T8590] do_fast_syscall_32+0x32/0x80 [ 214.898549][ T8590] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 214.898563][ T8590] RIP: 0023:0xf7fe7579 [ 214.898572][ T8590] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 214.898582][ T8590] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 214.898593][ T8590] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080 [ 214.898600][ T8590] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 214.898606][ T8590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 214.898612][ T8590] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 214.898618][ T8590] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 214.898631][ T8590] [ 215.041747][ T8597] FAULT_INJECTION: forcing a failure. [ 215.041747][ T8597] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 215.047128][ T8597] CPU: 1 UID: 0 PID: 8597 Comm: syz.2.626 Not tainted syzkaller #0 PREEMPT(full) [ 215.047150][ T8597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 215.047161][ T8597] Call Trace: [ 215.047169][ T8597] [ 215.047176][ T8597] dump_stack_lvl+0x16c/0x1f0 [ 215.047199][ T8597] should_fail_ex+0x512/0x640 [ 215.047228][ T8597] _copy_from_iter+0x29f/0x1720 [ 215.047263][ T8597] ? __alloc_skb+0x200/0x380 [ 215.047290][ T8597] ? __pfx__copy_from_iter+0x10/0x10 [ 215.047315][ T8597] ? __kernel_text_address+0xd/0x40 [ 215.047332][ T8597] ? __pfx___might_resched+0x10/0x10 [ 215.047359][ T8597] netlink_sendmsg+0x820/0xdd0 [ 215.047382][ T8597] ? __pfx_netlink_sendmsg+0x10/0x10 [ 215.047402][ T8597] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 215.047432][ T8597] ____sys_sendmsg+0xa98/0xc70 [ 215.047456][ T8597] ? __pfx_____sys_sendmsg+0x10/0x10 [ 215.047476][ T8597] ? get_compat_msghdr+0x11a/0x170 [ 215.047512][ T8597] ___sys_sendmsg+0x134/0x1d0 [ 215.047532][ T8597] ? __pfx____sys_sendmsg+0x10/0x10 [ 215.047572][ T8597] ? find_held_lock+0x2b/0x80 [ 215.047624][ T8597] __sys_sendmsg+0x16d/0x220 [ 215.047643][ T8597] ? __pfx___sys_sendmsg+0x10/0x10 [ 215.047671][ T8597] ? rcu_is_watching+0x12/0xc0 [ 215.047693][ T8597] __do_fast_syscall_32+0x7c/0x300 [ 215.047716][ T8597] do_fast_syscall_32+0x32/0x80 [ 215.047736][ T8597] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 215.047757][ T8597] RIP: 0023:0xf7fb5579 [ 215.047771][ T8597] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 215.047787][ T8597] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 215.047805][ T8597] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080001380 [ 215.047817][ T8597] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 215.047827][ T8597] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 215.047836][ T8597] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 215.047847][ T8597] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 215.047871][ T8597] [ 215.480915][ T8603] netlink: 'syz.2.627': attribute type 10 has an invalid length. [ 215.486245][ T8603] bridge0: port 3(team0) entered disabled state [ 215.488996][ T8603] team0: left allmulticast mode [ 215.490996][ T8603] team_slave_0: left allmulticast mode [ 215.492813][ T8603] team_slave_1: left allmulticast mode [ 215.494626][ T8603] team0: left promiscuous mode [ 215.496296][ T8603] team_slave_0: left promiscuous mode [ 215.499489][ T8603] team_slave_1: left promiscuous mode [ 215.503295][ T8603] bridge0: port 3(team0) entered disabled state [ 215.508101][ T8603] batman_adv: batadv0: Adding interface: team0 [ 215.510282][ T8603] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 215.520819][ T8603] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 215.538200][ T8603] netlink: 'syz.2.627': attribute type 10 has an invalid length. [ 215.541365][ T8603] netlink: 2 bytes leftover after parsing attributes in process `syz.2.627'. [ 215.544308][ T8603] team0: entered promiscuous mode [ 215.546044][ T8603] team_slave_0: entered promiscuous mode [ 215.547962][ T8603] team_slave_1: entered promiscuous mode [ 215.550712][ T8603] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.552876][ T8603] batman_adv: batadv0: Interface activated: team0 [ 215.554923][ T8603] batman_adv: batadv0: Interface deactivated: team0 [ 215.557028][ T8603] batman_adv: batadv0: Removing interface: team0 [ 215.559620][ T8603] bridge0: port 3(team0) entered blocking state [ 215.561871][ T8603] bridge0: port 3(team0) entered disabled state [ 215.563996][ T8603] team0: entered allmulticast mode [ 215.565639][ T8603] team_slave_0: entered allmulticast mode [ 215.567587][ T8603] team_slave_1: entered allmulticast mode [ 215.570687][ T8603] bridge0: port 3(team0) entered blocking state [ 215.572696][ T8603] bridge0: port 3(team0) entered forwarding state [ 216.263812][ T8608] random: crng reseeded on system resumption [ 216.309329][ T6027] usb 5-1: USB disconnect, device number 18 [ 216.427067][ T8613] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 [ 216.470928][ T8612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.629'. [ 216.486433][ T8612] netlink: 277 bytes leftover after parsing attributes in process `syz.3.629'. [ 216.490314][ T8612] netlink: 277 bytes leftover after parsing attributes in process `syz.3.629'. [ 217.468618][ T8641] ubi: mtd0 is already attached to ubi31 [ 217.473467][ T8641] netlink: 24 bytes leftover after parsing attributes in process `syz.2.634'. [ 217.488200][ T8642] input: syz0 as /devices/virtual/input/input23 [ 217.780122][ T34] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 217.940150][ T34] usb 5-1: Using ep0 maxpacket: 8 [ 217.943937][ T34] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 217.947022][ T34] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 217.951064][ T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 217.954524][ T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 217.958119][ T34] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 217.963643][ T34] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 217.966966][ T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.178991][ T34] usb 5-1: usb_control_msg returned -32 [ 218.181282][ T34] usbtmc 5-1:16.0: can't read capabilities [ 218.588994][ T8656] binder: 8655:8656 ioctl c0306201 80000b80 returned -14 [ 218.608807][ T6028] kernel read not supported for file /dsp (pid: 6028 comm: kworker/0:3) [ 218.954001][ T8668] openvswitch: netlink: Duplicate key (type 1). [ 219.289426][ T8675] netlink: 277 bytes leftover after parsing attributes in process `syz.2.648'. [ 219.292851][ T8675] netlink: 277 bytes leftover after parsing attributes in process `syz.2.648'. [ 219.748428][ T8678] ubi: mtd0 is already attached to ubi31 [ 219.751284][ T8678] netlink: 24 bytes leftover after parsing attributes in process `syz.1.649'. [ 220.415056][ T8687] tipc: Enabled bearer , priority 0 [ 220.417965][ T8687] syzkaller0: entered promiscuous mode [ 220.419850][ T8687] syzkaller0: entered allmulticast mode [ 220.424186][ T8687] ubi: mtd0 is already attached to ubi31 [ 220.440299][ T8687] tipc: Resetting bearer [ 220.441821][ T5994] usb 5-1: USB disconnect, device number 19 [ 220.456037][ T8687] tipc: Disabling bearer [ 220.561069][ T8698] netlink: 20 bytes leftover after parsing attributes in process `syz.1.653'. [ 221.005396][ T8710] openvswitch: netlink: nsh attribute has 1 unknown bytes. [ 221.008466][ T8710] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 221.360899][ T8719] netlink: 277 bytes leftover after parsing attributes in process `syz.3.660'. [ 221.369152][ T8719] netlink: 277 bytes leftover after parsing attributes in process `syz.3.660'. [ 221.428485][ T8723] netlink: 116 bytes leftover after parsing attributes in process `syz.0.662'. [ 221.937545][ T8730] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 221.940231][ T8730] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 221.944362][ T8730] vhci_hcd vhci_hcd.0: Device attached [ 221.981466][ T8732] vhci_hcd: connection closed [ 221.986046][ T218] vhci_hcd: stop threads [ 221.989969][ T218] vhci_hcd: release socket [ 221.992079][ T218] vhci_hcd: disconnect device [ 222.272871][ T40] kauditd_printk_skb: 30 callbacks suppressed [ 222.272886][ T40] audit: type=1326 audit(1761229008.896:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8739 comm="syz.2.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 222.284002][ T40] audit: type=1326 audit(1761229008.896:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8739 comm="syz.2.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 222.290728][ T40] audit: type=1326 audit(1761229008.896:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8739 comm="syz.2.667" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 222.319129][ T40] audit: type=1326 audit(1761229008.936:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8739 comm="syz.2.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 222.323064][ T8742] netlink: 4 bytes leftover after parsing attributes in process `syz.3.666'. [ 222.328729][ T40] audit: type=1326 audit(1761229008.936:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8739 comm="syz.2.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 222.339921][ T8742] netlink: 277 bytes leftover after parsing attributes in process `syz.3.666'. [ 222.341695][ T8741] new mount options do not match the existing superblock, will be ignored [ 222.341812][ T40] audit: type=1326 audit(1761229008.956:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8739 comm="syz.2.667" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 222.341838][ T40] audit: type=1326 audit(1761229008.956:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8739 comm="syz.2.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 222.341858][ T40] audit: type=1326 audit(1761229008.956:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8739 comm="syz.2.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 222.341878][ T40] audit: type=1326 audit(1761229008.956:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8739 comm="syz.2.667" exe="/syz-executor" sig=0 arch=40000003 syscall=352 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 222.341899][ T40] audit: type=1326 audit(1761229008.956:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8739 comm="syz.2.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 222.343666][ T8742] netlink: 277 bytes leftover after parsing attributes in process `syz.3.666'. [ 222.919524][ T8766] loop6: detected capacity change from 0 to 524288000 [ 223.839526][ T8787] syzkaller1: entered promiscuous mode [ 223.841927][ T8787] syzkaller1: entered allmulticast mode [ 224.570247][ T5947] Bluetooth: hci1: command 0x0406 tx timeout [ 225.189398][ T8814] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 225.193753][ T8814] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 225.197457][ T8814] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 225.200881][ T8814] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 225.340205][ T34] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 225.510067][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 225.513079][ T34] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 225.515637][ T34] usb 6-1: config 0 has no interface number 0 [ 225.519637][ T34] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 225.522708][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.525271][ T34] usb 6-1: Product: syz [ 225.526609][ T34] usb 6-1: Manufacturer: syz [ 225.528047][ T34] usb 6-1: SerialNumber: syz [ 225.531459][ T34] usb 6-1: config 0 descriptor?? [ 225.535162][ T34] smsc95xx v2.0.0 [ 225.536416][ T34] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 225.540412][ T34] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -22 [ 225.719868][ T8820] random: crng reseeded on system resumption [ 225.736271][ T5947] Bluetooth: hci1: unknown advertising packet type: 0x31 [ 225.736302][ T5947] Bluetooth: hci1: Dropping invalid advertising data [ 225.740783][ T5947] Bluetooth: hci1: Malformed LE Event: 0x02 [ 225.740902][ T6008] usb 6-1: USB disconnect, device number 21 [ 226.650114][ T5947] Bluetooth: hci1: adv larger than maximum supported [ 226.820506][ T8842] syzkaller0: entered promiscuous mode [ 226.825419][ T8842] syzkaller0: entered allmulticast mode [ 226.873244][ T6028] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 227.022240][ T6028] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 227.026072][ T6028] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 227.031146][ T6028] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 227.034555][ T6028] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 227.037876][ T6028] usb 6-1: SerialNumber: syz [ 227.262813][ T6028] usb 6-1: 0:2 : does not exist [ 227.277337][ T6028] usb 6-1: 5:0: cannot get min/max values for control 7 (id 5) [ 227.356836][ T6028] usb 6-1: USB disconnect, device number 22 [ 229.080832][ T8879] netlink: 12 bytes leftover after parsing attributes in process `syz.1.710'. [ 229.430841][ T1023] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 229.582698][ T1023] usb 5-1: config index 0 descriptor too short (expected 28277, got 36) [ 229.585519][ T1023] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 229.588762][ T1023] usb 5-1: config 0 has no interfaces? [ 229.591516][ T1023] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 229.596018][ T1023] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.603181][ T1023] usb 5-1: config 0 descriptor?? [ 230.194948][ T8899] binder: 8898:8899 ioctl 400c620e 80000380 returned -22 [ 230.305737][ T8905] binder: 8904:8905 ioctl c0046209 0 returned -22 [ 231.336086][ T8918] infiniband syz0: set down [ 231.339011][ T8918] infiniband syz0: added bond_slave_1 [ 231.362636][ T8918] RDS/IB: syz0: added [ 231.364188][ T8918] smc: adding ib device syz0 with port count 1 [ 231.366173][ T8918] smc: ib device syz0 port 1 has no pnetid [ 232.132825][ T5994] usb 5-1: USB disconnect, device number 20 [ 233.940904][ T8946] netlink: 'syz.0.732': attribute type 1 has an invalid length. [ 233.943682][ T8946] netlink: 'syz.0.732': attribute type 3 has an invalid length. [ 233.946167][ T8946] netlink: 172 bytes leftover after parsing attributes in process `syz.0.732'. [ 233.949788][ T8946] NCSI netlink: No device for ifindex 813332851 [ 233.988275][ T8950] usb usb8: usbfs: process 8950 (syz.0.734) did not claim interface 0 before use [ 234.524435][ T8973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.740'. [ 234.665985][ T8974] ISOFS: Unable to identify CD-ROM format. [ 236.250103][ T5953] Bluetooth: hci3: command 0x0406 tx timeout [ 237.893522][ T9025] rdma_rxe: rxe_newlink: failed to add bond_slave_1 [ 238.506359][ T9048] rdma_rxe: rxe_newlink: failed to add bond_slave_1 [ 238.992265][ T9063] usb usb8: usbfs: process 9063 (syz.2.775) did not claim interface 0 before use [ 239.051417][ T9067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 239.059757][ T9067] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 239.835942][ T9083] netlink: 8 bytes leftover after parsing attributes in process `syz.0.780'. [ 240.460510][ T9095] netlink: 244 bytes leftover after parsing attributes in process `syz.3.784'. [ 241.050185][ T1023] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 241.220099][ T1023] usb 6-1: Using ep0 maxpacket: 8 [ 241.223083][ T1023] usb 6-1: config 0 has an invalid interface number: 143 but max is 0 [ 241.226168][ T1023] usb 6-1: config 0 has no interface number 0 [ 241.228072][ T1023] usb 6-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b [ 241.231689][ T1023] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.235428][ T1023] usb 6-1: config 0 descriptor?? [ 241.310303][ T9113] ALSA: mixer_oss: invalid OSS volume 'PHONEXÛ0ØIN' [ 241.350760][ T1023] viperboard 6-1:0.143: version 0.00 found at bus 006 address 023 [ 241.367193][ T1023] viperboard-i2c viperboard-i2c.3.auto: error -EIO: failure setting i2c_bus_freq to 100 [ 241.373906][ T1023] viperboard-i2c viperboard-i2c.3.auto: probe with driver viperboard-i2c failed with error -5 [ 241.443886][ T9100] binder: 9099:9100 ioctl 4018620d 0 returned -22 [ 241.700122][ T34] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 241.853320][ T34] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 241.855856][ T34] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 241.858584][ T34] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 241.861835][ T34] usb 5-1: config 220 has no interface number 2 [ 241.863806][ T34] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 241.867865][ T34] usb 5-1: config 220 interface 0 has no altsetting 0 [ 241.870084][ T34] usb 5-1: config 220 interface 76 has no altsetting 0 [ 241.872300][ T34] usb 5-1: config 220 interface 1 has no altsetting 0 [ 241.876539][ T34] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 241.879445][ T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 241.882159][ T34] usb 5-1: Product: syz [ 241.883467][ T34] usb 5-1: Manufacturer: syz [ 241.884979][ T34] usb 5-1: SerialNumber: syz [ 242.102976][ T34] usb 5-1: selecting invalid altsetting 0 [ 242.106520][ T34] uvcvideo 5-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 242.109436][ T34] uvcvideo 5-1:220.0: No valid video chain found. [ 242.117517][ T34] usb 5-1: selecting invalid altsetting 0 [ 242.119716][ T34] usbtest 5-1:220.1: probe with driver usbtest failed with error -22 [ 242.123965][ T34] usb 5-1: USB disconnect, device number 21 [ 242.163839][ T9118] netlink: 244 bytes leftover after parsing attributes in process `syz.3.793'. [ 242.196809][ T9122] usb usb8: usbfs: process 9122 (syz.3.795) did not claim interface 0 before use [ 242.855437][ T9142] netlink: 244 bytes leftover after parsing attributes in process `syz.0.803'. [ 243.828431][ T1023] usb 6-1: USB disconnect, device number 23 [ 244.092328][ T9167] netlink: 244 bytes leftover after parsing attributes in process `syz.3.814'. [ 244.170087][ T1023] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 244.332591][ T1023] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 244.336942][ T1023] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 244.340279][ T1023] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 244.344420][ T1023] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 244.347196][ T1023] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.356921][ T1023] usb 6-1: config 0 descriptor?? [ 244.779922][ T1023] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 245.171927][ T9180] netlink: 32 bytes leftover after parsing attributes in process `syz.3.817'. [ 245.181189][ T9180] libceph: resolve '0..' (ret=-3): failed [ 245.787595][ T9186] usb usb8: usbfs: process 9186 (syz.2.819) did not claim interface 0 before use [ 245.994617][ T9199] netlink: 244 bytes leftover after parsing attributes in process `syz.3.823'. [ 246.889144][ T9207] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 246.893958][ T9207] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 246.895989][ T24] usb 6-1: USB disconnect, device number 24 [ 247.061105][ T9213] usb usb8: usbfs: process 9213 (syz.0.829) did not claim interface 0 before use [ 247.638005][ T9224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 247.643481][ T9224] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 248.059908][ T9232] hfsplus: unable to find HFS+ superblock [ 248.830275][ T9244] usb usb8: usbfs: process 9244 (syz.1.838) did not claim interface 0 before use [ 248.959029][ T9251] mmap: syz.1.839 (9251) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 249.545803][ T9259] rdma_rxe: rxe_newlink: failed to add bond_slave_1 [ 250.025810][ T9265] input: syz1 as /devices/virtual/input/input25 [ 250.488577][ T9273] syzkaller0: entered promiscuous mode [ 250.494213][ T9273] syzkaller0: entered allmulticast mode [ 250.647981][ T9279] netlink: 16 bytes leftover after parsing attributes in process `syz.2.849'. [ 254.823136][ T9365] netlink: 8 bytes leftover after parsing attributes in process `syz.0.873'. [ 257.203182][ T9417] netlink: 'syz.1.894': attribute type 2 has an invalid length. [ 258.160121][ T24] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 258.340518][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 258.344152][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 258.347306][ T24] usb 6-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 258.351080][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.355955][ T24] usb 6-1: config 0 descriptor?? [ 258.765563][ T24] arvo 0003:1E7D:30D4.0005: item fetching failed at offset 5/7 [ 258.773184][ T24] arvo 0003:1E7D:30D4.0005: parse failed [ 258.775497][ T24] arvo 0003:1E7D:30D4.0005: probe with driver arvo failed with error -22 [ 258.987615][ T7745] usb 6-1: USB disconnect, device number 25 [ 259.820116][ T24] usb 6-1: new full-speed USB device number 26 using dummy_hcd [ 259.820860][ T9452] usb usb8: usbfs: process 9452 (syz.0.907) did not claim interface 0 before use [ 259.923360][ T9456] netlink: 244 bytes leftover after parsing attributes in process `syz.0.909'. [ 259.941795][ T9458] netlink: 16 bytes leftover after parsing attributes in process `syz.2.910'. [ 259.974368][ T24] usb 6-1: unable to get BOS descriptor or descriptor too short [ 259.977511][ T24] usb 6-1: not running at top speed; connect to a high speed hub [ 259.980870][ T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 259.984304][ T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 259.989220][ T24] usb 6-1: string descriptor 0 read error: -22 [ 259.992196][ T24] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 259.995374][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.014909][ T24] usb 6-1: 0:2 : does not exist [ 260.252865][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.256605][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 260.325997][ T9476] ALSA: seq fatal error: cannot create timer (-19) [ 260.442243][ T9488] netlink: 16 bytes leftover after parsing attributes in process `syz.2.922'. [ 260.825355][ T24] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 260.833117][ T24] usb 6-1: 5:0: cannot get min/max values for control 3 (id 5) [ 260.838090][ T24] usb 6-1: 5:0: failed to get current value for ch 1 (-22) [ 260.855793][ T24] usb 6-1: 5:0: cannot get min/max values for control 3 (id 5) [ 260.860548][ T24] usb 6-1: USB disconnect, device number 26 [ 261.380501][ T5947] Bluetooth: hci2: Invalid handle: 0x20c9 > 0x0eff [ 261.406017][ T9506] netlink: 8 bytes leftover after parsing attributes in process `syz.3.929'. [ 261.409399][ T9506] gre0: Master is either lo or non-ether device [ 261.417597][ T9508] usb usb8: usbfs: process 9508 (syz.2.930) did not claim interface 0 before use [ 261.596367][ T9521] netlink: 16 bytes leftover after parsing attributes in process `syz.0.935'. [ 261.620073][ T6008] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 261.803038][ T6008] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 261.806608][ T6008] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.809744][ T6008] usb 6-1: Product: syz [ 261.820155][ T6008] usb 6-1: Manufacturer: syz [ 261.822027][ T6008] usb 6-1: SerialNumber: syz [ 261.824640][ T6008] usb 6-1: config 0 descriptor?? [ 262.033963][ T1023] usb 6-1: USB disconnect, device number 27 [ 262.510727][ T9528] openvswitch: netlink: Missing valid actions attribute. [ 262.513696][ T9528] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 262.521152][ T9530] netlink: 'syz.0.938': attribute type 1 has an invalid length. [ 262.524907][ T9530] netlink: 232 bytes leftover after parsing attributes in process `syz.0.938'. [ 262.527788][ T9530] NCSI netlink: No device for ifindex 128 [ 262.602576][ T9539] fuse: Bad value for 'fd' [ 262.830156][ T6008] usb 6-1: new full-speed USB device number 28 using dummy_hcd [ 263.001272][ T6008] usb 6-1: not running at top speed; connect to a high speed hub [ 263.004500][ T6008] usb 6-1: config 186 has an invalid interface number: 105 but max is 0 [ 263.007157][ T6008] usb 6-1: config 186 has no interface number 0 [ 263.009288][ T6008] usb 6-1: config 186 interface 105 has no altsetting 0 [ 263.013971][ T6008] usb 6-1: New USB device found, idVendor=2eca, idProduct=c101, bcdDevice=75.b9 [ 263.017552][ T6008] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.020294][ T6008] usb 6-1: Product: syz [ 263.021761][ T6008] usb 6-1: Manufacturer: syz [ 263.023515][ T6008] usb 6-1: SerialNumber: syz [ 263.240548][ T6008] usb 6-1: USB disconnect, device number 28 [ 263.552900][ T9556] binder: 9554:9556 ioctl c0306201 0 returned -14 [ 263.652858][ T9558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 263.656585][ T9558] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 263.776770][ T9560] netlink: 36 bytes leftover after parsing attributes in process `syz.1.949'. [ 263.779701][ T9560] netlink: 16 bytes leftover after parsing attributes in process `syz.1.949'. [ 263.783647][ T9560] netlink: 36 bytes leftover after parsing attributes in process `syz.1.949'. [ 263.787495][ T9560] netlink: 36 bytes leftover after parsing attributes in process `syz.1.949'. [ 263.791174][ T1023] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 263.950189][ T1023] usb 5-1: Using ep0 maxpacket: 32 [ 263.954477][ T1023] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 263.958087][ T1023] usb 5-1: config 0 interface 0 altsetting 128 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 263.962574][ T1023] usb 5-1: config 0 interface 0 has no altsetting 0 [ 263.964966][ T1023] usb 5-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 263.968031][ T1023] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.972463][ T1023] usb 5-1: config 0 descriptor?? [ 263.978056][ T1023] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 264.280109][ T9574] usb usb8: usbfs: process 9574 (syz.3.955) did not claim interface 0 before use [ 265.678904][ T24] kernel read not supported for file /dsp (pid: 24 comm: kworker/2:0) [ 266.298863][ T9612] __nla_validate_parse: 1 callbacks suppressed [ 266.298878][ T9612] netlink: 8 bytes leftover after parsing attributes in process `syz.3.965'. [ 266.520596][ T5994] usb 5-1: USB disconnect, device number 22 [ 266.636742][ T9603] block nbd2: shutting down sockets [ 266.841775][ T9630] binder: BINDER_SET_CONTEXT_MGR bad uid 0 != 60928 [ 266.844961][ T9630] binder: 9629:9630 ioctl 4018620d 800000c0 returned -1 [ 267.091812][ T9648] binder: 9629:9648 ioctl c0306201 0 returned -14 [ 267.175978][ T9654] netlink: 'syz.2.969': attribute type 6 has an invalid length. [ 267.220205][ T9648] binder: 9629:9648 ioctl c0306201 0 returned -14 [ 268.372730][ T9704] program syz.0.974 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 268.377908][ T9704] netlink: 12 bytes leftover after parsing attributes in process `syz.0.974'. [ 268.786378][ T9706] Bluetooth: MGMT ver 1.23 [ 268.968361][ T9715] netlink: 12 bytes leftover after parsing attributes in process `syz.2.978'. [ 269.935167][ T9728] program syz.2.982 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 270.829903][ T9741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 270.833857][ T9741] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 271.450138][ T53] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 271.610172][ T53] usb 6-1: Using ep0 maxpacket: 8 [ 271.613399][ T53] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 271.616255][ T53] usb 6-1: config 179 has no interface number 0 [ 271.618833][ T53] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 271.625595][ T53] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 271.630450][ T53] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 271.634085][ T53] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 271.637405][ T53] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 271.642837][ T53] usb 6-1: config 179 interface 65 has no altsetting 0 [ 271.645018][ T53] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 271.647935][ T53] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.662295][ T53] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input27 [ 271.860791][ C1] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 271.863650][ T53] usb 6-1: USB disconnect, device number 29 [ 272.617413][ T9764] netlink: 232 bytes leftover after parsing attributes in process `syz.0.996'. [ 275.220874][ T9815] random: crng reseeded on system resumption [ 275.247024][ T9815] nfs4: Unknown parameter 'noaal' [ 275.990757][ T40] kauditd_printk_skb: 7 callbacks suppressed [ 275.990769][ T40] audit: type=1107 audit(1761229062.606:289): pid=9817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 276.900549][ T9851] vcan0: tx address claim with different name [ 278.199340][ T9873] random: crng reseeded on system resumption [ 278.360130][ T6028] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 278.520085][ T6028] usb 6-1: Using ep0 maxpacket: 32 [ 278.530093][ T6028] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 278.533822][ T6028] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 278.539078][ T6028] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 278.542250][ T6028] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.546280][ T6028] usb 6-1: config 0 descriptor?? [ 278.549819][ T6028] hub 6-1:0.0: USB hub found [ 278.753132][ T6028] hub 6-1:0.0: 1 port detected [ 278.789662][ T9887] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 278.792466][ T9887] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 278.805470][ T9887] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 278.807563][ T9887] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 278.819055][ T9887] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 278.823314][ T9887] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 279.358499][ T6028] hub 6-1:0.0: activate --> -90 [ 279.780153][ T9871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 279.793394][ T9871] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 279.796953][ T34] usb 6-1: USB disconnect, device number 30 [ 280.010154][ T6028] usb 6-1-port1: config error [ 280.731627][ T5953] Bluetooth: hci1: command 0x0406 tx timeout [ 280.820120][ T5953] Bluetooth: hci2: command 0x0406 tx timeout [ 280.900108][ T5953] Bluetooth: hci3: command 0x0406 tx timeout [ 281.560181][ T24] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 281.723438][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 281.727235][ T24] usb 6-1: config 0 has an invalid interface number: 196 but max is 0 [ 281.730356][ T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 281.733837][ T24] usb 6-1: config 0 has no interface number 0 [ 281.735868][ T24] usb 6-1: config 0 interface 196 altsetting 1 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 281.739372][ T24] usb 6-1: config 0 interface 196 altsetting 1 endpoint 0x2 has invalid wMaxPacketSize 0 [ 281.742718][ T24] usb 6-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 281.746753][ T24] usb 6-1: config 0 interface 196 has no altsetting 0 [ 281.751924][ T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 281.754965][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.757557][ T24] usb 6-1: Product: syz [ 281.758895][ T24] usb 6-1: Manufacturer: syz [ 281.760552][ T24] usb 6-1: SerialNumber: syz [ 281.764117][ T24] usb 6-1: config 0 descriptor?? [ 282.708532][ T24] ipheth 6-1:0.196: Unable to find endpoints [ 282.740888][ T24] usb 6-1: USB disconnect, device number 31 [ 282.820571][ T5953] Bluetooth: hci1: command 0x0406 tx timeout [ 282.900195][ T5953] Bluetooth: hci2: command 0x0406 tx timeout [ 282.970092][ T5953] Bluetooth: hci3: command 0x0406 tx timeout [ 283.580571][ T9938] orangefs_mount: mount request failed with -4 [ 284.854724][ T9970] netlink: 'syz.0.1065': attribute type 1 has an invalid length. [ 284.857867][ T9970] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1065'. [ 284.920215][ T34] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 285.070091][ T34] usb 6-1: Using ep0 maxpacket: 16 [ 285.090674][ T34] usb 6-1: New USB device found, idVendor=0586, idProduct=1500, bcdDevice=2e.97 [ 285.093747][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.096474][ T34] usb 6-1: Product: syz [ 285.097845][ T34] usb 6-1: Manufacturer: syz [ 285.099380][ T34] usb 6-1: SerialNumber: syz [ 285.102324][ T34] usb 6-1: config 0 descriptor?? [ 285.107601][ T34] omninet 6-1:0.0: required endpoints missing [ 285.312827][ T34] usb 6-1: USB disconnect, device number 32 [ 285.914277][ T9983] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 286.630134][T10009] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 287.718421][T10030] netlink: 'syz.2.1086': attribute type 1 has an invalid length. [ 287.721605][T10030] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1086'. [ 287.752957][T10033] random: crng reseeded on system resumption [ 287.837766][T10034] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1083'. [ 287.852491][T10034] dummy0 (unregistering): left allmulticast mode [ 287.896534][T10036] /dev/nullb0: Can't open blockdev [ 288.793025][T10058] netlink: 'syz.2.1096': attribute type 1 has an invalid length. [ 288.795798][T10058] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1096'. [ 289.279370][T10073] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1100'. [ 289.357270][T10074] ISOFS: Unable to identify CD-ROM format. [ 290.047922][T10084] netlink: 'syz.2.1105': attribute type 1 has an invalid length. [ 290.051405][T10084] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1105'. [ 290.627112][T10102] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1112'. [ 290.981213][ C3] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 291.302021][T10117] netlink: 'syz.2.1117': attribute type 1 has an invalid length. [ 291.304929][T10117] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1117'. [ 293.130277][ T53] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 293.259966][T10169] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1136'. [ 293.309909][ T53] usb 6-1: config index 0 descriptor too short (expected 28277, got 36) [ 293.312607][ T53] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 293.315738][ T53] usb 6-1: config 0 has no interfaces? [ 293.317548][ T53] usb 6-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 293.320538][ T53] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.325104][ T53] usb 6-1: config 0 descriptor?? [ 293.853569][T10189] input: syz1 as /devices/virtual/input/input28 [ 294.143090][T10204] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1147'. [ 295.225730][T10230] kvm: pic: non byte read [ 295.229276][T10230] kvm: pic: non byte read [ 295.233086][T10230] kvm: pic: level sensitive irq not supported [ 295.233507][T10230] kvm: pic: non byte read [ 295.239197][T10230] kvm: pic: level sensitive irq not supported [ 295.239513][T10230] kvm: pic: non byte read [ 295.244801][T10230] kvm: pic: non byte read [ 295.247689][T10230] kvm: pic: single mode not supported [ 295.249175][T10230] kvm: pic: non byte read [ 295.255033][T10230] kvm: pic: non byte read [ 295.258100][T10230] kvm: pic: non byte read [ 295.261228][T10230] kvm: pic: non byte read [ 295.433944][T10243] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1160'. [ 295.815016][ T34] usb 6-1: USB disconnect, device number 33 [ 296.073457][ T5953] Bluetooth: hci1: unexpected cc 0x203e length: 2 > 1 [ 296.076474][ T5953] Bluetooth: hci1: unexpected event for opcode 0x203e [ 296.411328][T10265] kvm: pic: non byte read [ 296.419007][T10265] kvm: pic: level sensitive irq not supported [ 296.421398][T10265] kvm: pic: level sensitive irq not supported [ 296.429418][T10265] kvm: pic: single mode not supported [ 296.758460][T10274] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1169'. [ 296.766781][T10274] libceph: resolve '0..' (ret=-3): failed [ 297.605921][ T5953] Bluetooth: hci2: hardware error 0x06 [ 298.580648][ T13] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 298.583252][ T13] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 298.585850][ T13] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 298.588438][ T13] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 299.187516][T10350] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 299.191143][T10350] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 299.610506][ T5953] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 300.100110][ T5953] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 300.102906][ T5953] Bluetooth: hci1: Injecting HCI hardware error event [ 300.106255][ T5947] Bluetooth: hci1: hardware error 0x00 [ 300.362238][ T6028] IPVS: starting estimator thread 0... [ 300.460335][T10378] IPVS: using max 44 ests per chain, 105600 per kthread [ 301.448109][T10397] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1212'. [ 301.697029][T10403] hfsplus: unable to find HFS+ superblock [ 302.180308][ T5947] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 302.668445][T10430] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1222'. [ 302.957567][T10436] syzkaller0: entered promiscuous mode [ 302.959604][T10436] syzkaller0: entered allmulticast mode [ 302.962864][ T93] syzkaller0: tun_net_xmit 70 [ 302.967349][T10436] syzkaller0: tun_net_xmit 14 [ 303.701219][T10453] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 303.701603][T10453] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 304.153995][T10465] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1231'. [ 305.184634][T10477] syzkaller0: entered promiscuous mode [ 305.186436][T10477] syzkaller0: entered allmulticast mode [ 305.189237][ T93] syzkaller0: tun_net_xmit 70 [ 305.191766][T10477] syzkaller0: tun_net_xmit 14 [ 305.284700][T10481] input: syz1 as /devices/virtual/input/input29 [ 305.837196][T10489] syz.3.1239 (10489): drop_caches: 2 [ 305.839619][T10489] syz.3.1239 (10489): drop_caches: 2 [ 306.836587][T10526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 306.840012][T10526] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 306.880159][ T1334] usb 6-1: new high-speed USB device number 34 using dummy_hcd [ 307.030962][ T1334] usb 6-1: Using ep0 maxpacket: 32 [ 307.033777][ T1334] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 307.038486][ T1334] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 307.042189][ T1334] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 307.045265][ T1334] usb 6-1: Product: syz [ 307.046638][ T1334] usb 6-1: Manufacturer: syz [ 307.048571][ T1334] usb 6-1: SerialNumber: syz [ 307.052259][ T1334] usb 6-1: config 0 descriptor?? [ 307.055299][T10514] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 307.063075][ T1334] hub 6-1:0.0: bad descriptor, ignoring hub [ 307.065467][ T1334] hub 6-1:0.0: probe with driver hub failed with error -5 [ 307.121961][ T13] Bluetooth: hci4: Frame reassembly failed (-84) [ 307.122213][ T5953] Bluetooth: hci4: Malformed Event: 0x02 [ 307.377378][T10537] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 307.380910][T10537] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 307.517883][T10535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 307.521064][T10535] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 308.533831][ T5994] usb 6-1: USB disconnect, device number 34 [ 309.130118][ T5947] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 309.266153][T10561] input: syz1 as /devices/virtual/input/input30 [ 309.550983][ T5994] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 309.563069][T10579] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 309.566921][T10579] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 309.720079][ T5994] usb 5-1: Using ep0 maxpacket: 16 [ 309.723071][ T5994] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 309.726447][ T5994] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 309.731116][ T5994] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 309.734116][ T5994] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.736684][ T5994] usb 5-1: Product: syz [ 309.738035][ T5994] usb 5-1: Manufacturer: syz [ 309.739490][ T5994] usb 5-1: SerialNumber: syz [ 310.152562][ T5994] usb 5-1: 0:2 : does not exist [ 310.430653][ T34] usb 6-1: new high-speed USB device number 35 using dummy_hcd [ 310.560484][ T5994] usb 5-1: 5:0: failed to get current value for ch 0 (-22) [ 310.571057][ T5994] usb 5-1: USB disconnect, device number 23 [ 310.590098][ T34] usb 6-1: Using ep0 maxpacket: 8 [ 310.594131][ T34] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 310.597517][ T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 310.601482][ T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 310.602381][ T6049] udevd[6049]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 310.604644][ T34] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 310.614283][ T34] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 310.617095][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.775002][T10621] [ 310.830593][ T34] usb 6-1: usb_control_msg returned -32 [ 310.833488][ T34] usbtmc 6-1:16.0: can't read capabilities [ 313.223149][ T24] usb 6-1: USB disconnect, device number 35 [ 314.374938][T10706] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1323'. [ 314.429625][T10709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 314.437472][T10709] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 315.386015][T10742] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1332'. [ 315.550807][ T1023] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 315.720321][ T1023] usb 6-1: Using ep0 maxpacket: 16 [ 315.742622][ T1023] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 315.747047][ T1023] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 315.755960][ T1023] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 315.759819][ T1023] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.763320][ T1023] usb 6-1: Product: syz [ 315.765732][ T1023] usb 6-1: Manufacturer: syz [ 315.768056][ T1023] usb 6-1: SerialNumber: syz [ 316.191527][ T1023] usb 6-1: 0:2 : does not exist [ 316.596152][ T1023] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 316.613112][ T1023] usb 6-1: USB disconnect, device number 36 [ 316.632716][ T6049] udevd[6049]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 316.901986][T10767] syzkaller0: entered promiscuous mode [ 316.903847][T10767] syzkaller0: entered allmulticast mode [ 316.994059][T10769] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1343'. [ 318.013748][T10789] binder: 10781:10789 ioctl c0306201 0 returned -14 [ 318.133271][T10789] binder: 10781:10789 ioctl c0306201 0 returned -14 [ 318.304106][T10806] syzkaller0: entered promiscuous mode [ 318.305914][T10806] syzkaller0: entered allmulticast mode [ 318.437322][T10811] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1353'. [ 318.700227][ T5994] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 318.860962][ T5994] usb 5-1: Using ep0 maxpacket: 32 [ 318.863890][ T5994] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 318.868708][ T5994] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 318.871874][ T5994] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 318.874394][ T5994] usb 5-1: Product: syz [ 318.875762][ T5994] usb 5-1: Manufacturer: syz [ 318.877447][ T5994] usb 5-1: SerialNumber: syz [ 318.880663][ T5994] usb 5-1: config 0 descriptor?? [ 318.885291][T10814] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 318.889441][ T5994] hub 5-1:0.0: bad descriptor, ignoring hub [ 318.892043][ T5994] hub 5-1:0.0: probe with driver hub failed with error -5 [ 318.994404][T10826] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1360'. [ 319.141387][T10834] netlink: 'syz.1.1357': attribute type 6 has an invalid length. [ 319.392826][T10836] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 319.397410][T10836] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 320.061750][T10855] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1370'. [ 320.188286][T10864] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1368'. [ 320.191773][T10864] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1368'. [ 321.020369][ T24] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 321.171783][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 321.175214][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 321.178250][ T24] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 321.181667][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.185413][ T24] usb 6-1: config 0 descriptor?? [ 321.596378][ T24] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 321.598812][ T24] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 321.601293][ T24] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 321.603657][ T24] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 321.606028][ T24] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 321.613368][ T24] cm6533_jd 0003:0D8C:0022.0006: hiddev1,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 321.694038][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 321.696145][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 321.796747][ T24] usb 6-1: USB disconnect, device number 37 [ 322.865622][ T6028] usb 5-1: USB disconnect, device number 24 [ 323.875352][ T93] Bluetooth: hci4: Frame reassembly failed (-90) [ 323.988702][T10941] Illegal XDP return value 1747706954 on prog (id 247) dev syz_tun, expect packet loss! [ 324.180190][ T24] ================================================================== [ 324.180203][ T24] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60 [ 324.180246][ T24] Write of size 8 at addr ffffc90004d610e0 by task kworker/2:0/24 [ 324.180260][ T24] [ 324.180268][ T24] CPU: 2 UID: 0 PID: 24 Comm: kworker/2:0 Not tainted syzkaller #0 PREEMPT(full) [ 324.180285][ T24] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 324.180297][ T24] Workqueue: events_power_efficient fb_flashcursor [ 324.180314][ T24] Call Trace: [ 324.180318][ T24] [ 324.180323][ T24] dump_stack_lvl+0x116/0x1f0 [ 324.180337][ T24] print_report+0xcd/0x630 [ 324.180351][ T24] ? __virt_addr_valid+0x81/0x610 [ 324.180380][ T24] ? sys_imageblit+0x1a6f/0x1e60 [ 324.180392][ T24] kasan_report+0xe0/0x110 [ 324.180406][ T24] ? sys_imageblit+0x1a6f/0x1e60 [ 324.180419][ T24] sys_imageblit+0x1a6f/0x1e60 [ 324.180433][ T24] ? __pfx_sys_imageblit+0x10/0x10 [ 324.180448][ T24] ? trace_kmalloc+0x2b/0xd0 [ 324.180462][ T24] ? __kmalloc_noprof+0x34f/0x880 [ 324.180479][ T24] ? kfree+0x252/0x6d0 [ 324.180488][ T24] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 324.180501][ T24] soft_cursor+0x524/0xa10 [ 324.180519][ T24] bit_cursor+0xe8c/0x17e0 [ 324.180537][ T24] ? __pfx_bit_cursor+0x10/0x10 [ 324.180555][ T24] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 324.180574][ T24] ? get_color+0x1da/0x450 [ 324.180588][ T24] ? __pfx_bit_cursor+0x10/0x10 [ 324.180604][ T24] fb_flashcursor+0x310/0x400 [ 324.180619][ T24] process_one_work+0x9cf/0x1b70 [ 324.180639][ T24] ? __pfx_process_one_work+0x10/0x10 [ 324.180658][ T24] ? assign_work+0x1a0/0x250 [ 324.180674][ T24] worker_thread+0x6c8/0xf10 [ 324.180694][ T24] ? __pfx_worker_thread+0x10/0x10 [ 324.180710][ T24] kthread+0x3c5/0x780 [ 324.180726][ T24] ? __pfx_kthread+0x10/0x10 [ 324.180742][ T24] ? rcu_is_watching+0x12/0xc0 [ 324.180753][ T24] ? __pfx_kthread+0x10/0x10 [ 324.180769][ T24] ret_from_fork+0x675/0x7d0 [ 324.180785][ T24] ? __pfx_kthread+0x10/0x10 [ 324.180800][ T24] ret_from_fork_asm+0x1a/0x30 [ 324.180819][ T24] [ 324.180822][ T24] [ 324.180826][ T24] The buggy address belongs to a vmalloc virtual mapping [ 324.180834][ T24] Memory state around the buggy address: [ 324.180840][ T24] ffffc90004d60f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 324.180847][ T24] ffffc90004d61000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 324.180855][ T24] >ffffc90004d61080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 324.180860][ T24] ^ [ 324.180866][ T24] ffffc90004d61100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 324.180873][ T24] ffffc90004d61180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 324.180879][ T24] ================================================================== [ 324.180912][ T24] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 324.180920][ T24] CPU: 2 UID: 0 PID: 24 Comm: kworker/2:0 Not tainted syzkaller #0 PREEMPT(full) [ 324.180932][ T24] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 324.180939][ T24] Workqueue: events_power_efficient fb_flashcursor [ 324.180953][ T24] Call Trace: [ 324.180957][ T24] [ 324.180961][ T24] dump_stack_lvl+0x3d/0x1f0 [ 324.180972][ T24] vpanic+0x640/0x6f0 [ 324.180988][ T24] panic+0xca/0xd0 [ 324.181003][ T24] ? __pfx_panic+0x10/0x10 [ 324.181020][ T24] ? check_panic_on_warn+0x1f/0xb0 [ 324.181037][ T24] check_panic_on_warn+0xab/0xb0 [ 324.181053][ T24] end_report+0x107/0x170 [ 324.181067][ T24] kasan_report+0xee/0x110 [ 324.181081][ T24] ? sys_imageblit+0x1a6f/0x1e60 [ 324.181094][ T24] sys_imageblit+0x1a6f/0x1e60 [ 324.181108][ T24] ? __pfx_sys_imageblit+0x10/0x10 [ 324.181123][ T24] ? trace_kmalloc+0x2b/0xd0 [ 324.181136][ T24] ? __kmalloc_noprof+0x34f/0x880 [ 324.181158][ T24] ? kfree+0x252/0x6d0 [ 324.181167][ T24] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 324.181179][ T24] soft_cursor+0x524/0xa10 [ 324.181197][ T24] bit_cursor+0xe8c/0x17e0 [ 324.181215][ T24] ? __pfx_bit_cursor+0x10/0x10 [ 324.181234][ T24] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 324.181252][ T24] ? get_color+0x1da/0x450 [ 324.181267][ T24] ? __pfx_bit_cursor+0x10/0x10 [ 324.181283][ T24] fb_flashcursor+0x310/0x400 [ 324.181297][ T24] process_one_work+0x9cf/0x1b70 [ 324.181317][ T24] ? __pfx_process_one_work+0x10/0x10 [ 324.181336][ T24] ? assign_work+0x1a0/0x250 [ 324.181352][ T24] worker_thread+0x6c8/0xf10 [ 324.181371][ T24] ? __pfx_worker_thread+0x10/0x10 [ 324.181388][ T24] kthread+0x3c5/0x780 [ 324.181404][ T24] ? __pfx_kthread+0x10/0x10 [ 324.181420][ T24] ? rcu_is_watching+0x12/0xc0 [ 324.181431][ T24] ? __pfx_kthread+0x10/0x10 [ 324.181447][ T24] ret_from_fork+0x675/0x7d0 [ 324.181462][ T24] ? __pfx_kthread+0x10/0x10 [ 324.181478][ T24] ret_from_fork_asm+0x1a/0x30 [ 324.181496][ T24] [ 324.182095][ T24] Kernel Offset: disabled VM DIAGNOSIS: 14:18:30 Registers: info registers vcpu 0 CPU#0 RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff81613573 RDX=ffffffff8e097a00 RSI=ffffffff816135bb RDI=ffffffff93a5ffe0 RBP=ffff88802b220000 RSP=ffffc90000007fd0 R8 =0000000000000001 R9 =fffffbfff274bffc R10=ffffffff93a5ffe7 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff816135bc RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097812000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c3784e8 CR3=000000007892d000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff81613573 RDX=ffff888028c34900 RSI=ffffffff816135bb RDI=ffffffff93a5ffe0 RBP=ffff88802b320000 RSP=ffffc90000590fd0 R8 =0000000000000001 R9 =fffffbfff274bffc R10=ffffffff93a5ffe7 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff816135bc RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097912000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080019680 CR3=000000004b672000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff85266520 RDI=ffffffff9adc0d60 RBP=ffffffff9adc0d20 RSP=ffffc9000051f358 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=666f206574697257 R12=0000000000000000 R13=ffffffff9adc0d70 R14=ffffffff9adc0d20 R15=ffffffff9adc0fe0 RIP=ffffffff85266547 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097a12000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000300ffffc CR3=000000006b6c0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=ffd6e8615e04b91e a105333ec7cb60c6 ffd6e8615e04b91e a105333ec7cb60c6 ffd6e8615e04b91e a105333ec7cb60c6 ffd6e8615e04b91e a105333ec7cb60c6 ZMM18=a3b843649a69911e dfb31324a9990d31 a3b843649a69911e dfb31324a9990d31 a3b843649a69911e dfb31324a9990d31 a3b843649a69911e dfb31324a9990d31 ZMM19=440b000000000000 0000000000000004 440b000000000000 0000000000000003 440b000000000000 0000000000000002 440b000000000000 0000000000000001 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffef0801 8380030004000184 08000182800201c7 0800080049ae0065 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7375662f7665642f 01ffffffffffffff ffeb080182800308 8090080040800800 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01800201c7080008 0140fe0030656c69 662f2e01ffffffff ffffffffef080180 ZMM24=2ab66c642ab66c64 2ab66c642ab66c64 2ab66c642ab66c64 2ab66c642ab66c64 2ab66c642ab66c64 2ab66c642ab66c64 2ab66c642ab66c64 2ab66c642ab66c64 ZMM25=3c8675353c867535 3c8675353c867535 3c8675353c867535 3c8675353c867535 3c8675353c867535 3c8675353c867535 3c8675353c867535 3c8675353c867535 ZMM26=5ae644bd5ae644bd 5ae644bd5ae644bd 5ae644bd5ae644bd 5ae644bd5ae644bd 5ae644bd5ae644bd 5ae644bd5ae644bd 5ae644bd5ae644bd 5ae644bd5ae644bd ZMM27=f093d9b2f093d9b2 f093d9b2f093d9b2 f093d9b2f093d9b2 f093d9b2f093d9b2 f093d9b2f093d9b2 f093d9b2f093d9b2 f093d9b2f093d9b2 f093d9b2f093d9b2 ZMM28=000000600000005f 0000005e0000005d 0000005c0000005b 0000005a00000059 0000005800000057 0000005600000055 0000005400000053 0000005200000051 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=d0110000d0110000 d0110000d0110000 d0110000d0110000 d0110000d0110000 d0110000d0110000 d0110000d0110000 d0110000d0110000 d0110000d0110000 info registers vcpu 3 CPU#3 RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff81613573 RDX=ffff88801bf18000 RSI=ffffffff816135bb RDI=ffffffff93a5ffe0 RBP=ffff88802b520000 RSP=ffffc900005e8fd0 R8 =0000000000000001 R9 =fffffbfff274bffc R10=ffffffff93a5ffe7 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff816135bc RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097b12000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c3a162c CR3=000000006b6c0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000